Busy. Please wait.
or

show password
Forgot Password?

Don't have an account?  Sign up 
or

Username is available taken
show password

why


Make sure to remember your password. If you forget it there is no way for StudyStack to send you a reset link. You would need to create a new account.
We do not share your email address with others. It is only used to allow you to reset your password. For details read our Privacy Policy and Terms of Service.


Already a StudyStack user? Log In

Reset Password
Enter the associated with your account, and we'll email you a link to reset your password.

Remove ads
Don't know
Know
remaining cards
Save
0:01
To flip the current card, click it or press the Spacebar key.  To move the current card to one of the three colored boxes, click on the box.  You may also press the UP ARROW key to move the card to the "Know" box, the DOWN ARROW key to move the card to the "Don't know" box, or the RIGHT ARROW key to move the card to the Remaining box.  You may also click on the card displayed in any of the three boxes to bring that card back to the center.

Pass complete!

"Know" box contains:
Time elapsed:
Retries:
restart all cards




share
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

  Normal Size     Small Size show me how

Net+ & Sec+ Terms

Network+ & Security+ Terms

TermDefinition
802.11 An IEEE standard that specifies an over-the-air interface between a wireless client and a base station or between two wireless clients.
802.16 A wireless standard (also known as WiMAX) with a range of up to 30 miles.
802.2 An IEEE standard used to address the need for MAC sub-layer addressing in bridges.
802.3 An IEEE standard used to standardize Ethernet and expand it to include a wide range of cable media.
10 Gigabit Ethernet (10 GbE) Currently (2015) the fastest Ethernet designation available, with a number of fiber-optic and copper standards.
10 Tape Rotation A backup rotation scheme in which ten backup tapes are used over the course of two weeks.
1000BaseCX A Gigabit Ethernet standard using unique copper cabling, with a 25-m maximum cable distance.
1000BaseLX A Gigabit Ethernet standard using single-mode fiber cabling, with a 5-km maximum cable distance.
1000BaseSX A Gigabit Ethernet standard using multimode fiber cabling, with a 220- to 500-m maximum cable distance.
1000BaseT A Gigabit Ethernet standard using CAT 5e/6 UTP cabling, with a 100-m maximum cable distance.
1000BaseTX Short-lived gigabit-over-UTP standard from TIA/EIA. Considered a competitor to 1000BaseT, it was simpler to implement but required the use of CAT 6 cable.
1000BaseX An umbrella Gigabit Ethernet standard. Also known as 802.3z. Comprises all Gigabit standards with the exception of 1000BaseT, which is under the 802.3ab standard.
100BaseFX An Ethernet LAN designed to run on fiber-optic cabling. Runs at 100 Mbps and uses baseband signaling. Maximum cable length is 400 m for half-duplex and 2 km for full-duplex.
100BaseT An Ethernet LAN designed to run on UTP cabling. Runs at 100 Mbps, uses baseband signaling, and uses two pairs of wires on CAT 5 or better cabling.
100BaseT4 An Ethernet LAN designed to run on UTP cabling. Runs at 100 Mbps and uses four-pair CAT 3 or better cabling. Made obsolete by 100BaseT.
100BaseTX The technically accurate but little-used name for 100BaseT.
10Base standards A set of standards that describes the media type and the speeds at which each type of media operates
10Base2 The last true bus-standard network where nodes connected to a common, shared length of coaxial cable.
10BaseFL Fiber-optic implementation of Ethernet that runs at 10 Mbps using baseband signaling. Maximum segment length is 2 km.
10BaseT An Ethernet LAN designed to run on UTP cabling. Runs at 10 Mbps and uses baseband signaling. Maximum length for the cabling between the NIC and the hub (or the switch, the repeater, and so forth) is 100 m.
10GBaseER/10GBaseEW A 10 GbE standard using 1550-nm single-mode fiber. Maximum cable length up to 40 km.
10GBaseLR/10GBaseLW A 10 GbE standard using 1310-nm single-mode fiber. Maximum cable length up to 10 km.
10GBaseSR/10GBaseSW A 10 GbE standard using 850-nm multimode fiber. Maximum cable length up to 300 m.
10GBaseT A 10 GbE standard designed to run on CAT 6a UTP cabling. Maximum cable length of 100 m.
110 Block Also known as a 110-punchdown block, a connection gridwork used to link UTP and STP cables behind an RJ-45 patch panel.
110-Punchdown Block The most common connection used on the back of an RJ-45 jack and patch panels.
1Pv4 address A 32-bit binary number assigned to a computer on a TCP /IP network.
1Pv6 address A 128-bit hexadecimal number assigned to a computer on a TCP/IP network.
3DES - Number of Rounds 48
3G Third generation wireless data standard for cell phones and other mobile devices. Evolved High-Speed Packet Access (HSPA+) became the final wireless data standard
3-Leg Perimeter A type of DMZ where a firewall has three legs that connect to the LAN, Internet, and the DMZ.
4G Most popularly implemented as Long Term Evolution (LTE), a wireless data standard with theoretical download speeds of 300 Mbps and upload speeds of 75 Mbps.
6in4 One of the most popular of all the IPv6 tunneling standards, and one of only two IPv6 tunneling protocols that can go through a NAT.
6to4 The dominant IPv6 tunneling protocol because it is the only IPv6 tunnel that doesn't require a tunnel broker. It is generally used to directly connect two routers because it normally requires a public IPv4 address.
802 Committee The IEEE committee responsible for all Ethernet standards.
802.11a A wireless standard that operates in the frequency range of 5 GHz and offers throughput of up to 54 Mbps.
802.11a-ht Technical term for mixed mode 802.11a/802.11g operation. In mixed mode, both technologies are simultaneously supported.
802.11b The first popular wireless standard, operates in the frequency range of 2.4 GHz and offers throughput of up to 11 Mbps.
802.11g Currently (2015) the wireless standard with the widest use, operates on the 2.4-GHz band with a maximum throughput of 54 Mbps.
802.11g-ht Technical term for mixed mode 802.11a/802.11g operation. In mixed mode, both technologies are simultaneously supported.
802.11i A wireless standard that added security features.
802.11n An updated 802.11 standard that increases transfer speeds and adds support for multiple in/multiple out (MIMO) by using multiple antennas.Can operate on either the 2.4- or 5-GHz frequency band and has a maximum throughput of 400 Mbps.
802.1X A port-authentication network access control mechanism for networks.
802.3ab The IEEE standard for 1000BaseT.
802.3z The umbrella IEEE standard for all versions of Gigabit Ethernet other than 1000BaseT.
802.x A family of networking standards developed by IEEE.
A A DNS record that maps the host name to its IP address using a 32-bit IPv4 address.
A Records A list of the IP addresses and names of all the systems on a DNS server domain.
AAAA A DNS record that maps the host name to its IP address using a 128-bit IPv6 address.
Acceptable Use Policy A document that defines what a person may and may not do on an organization's computers and networks.
Access Control In security terms, the process of determining and assigning privileges to various resources, objects, and data.
Access Control List A clearly defined list of permissions that specifies what actions an authenticated user may perform on a shared resource.
Access Control Model Methodologies in which admission to physical areas, and more important computer systems, is managed and organized.
Access Control Server Cisco program/process/server that makes the decision to admit or deny a node based on posture assessment. From there, directs the edge access device to allow a connection or to implement a denial or redirect.
Access Point A device or software that facilitates communication and provides enhanced security to wireless devices.
Access Port Regular port in a switch that has been configured as part of a VLAN. Ports that hosts connect to. They are the opposite of a trunk port, which is only connected to a trunk port on another switch.
Account Expiration The date when users’ accounts they use to log on to the network expires.
Accountability In security terms, the process of determining who to hold responsible for a particular activity or event.
Accounting Track the use of network resources by authenticated users
Active Directory A form of directory service used in networks with Windows servers. Creates an organization of related computers that share one or more Windows domains.
Active Hub A hub that regenerates the signal similar to a repeater.
Active IDS An IDS that detects a security breach according to the parameters it has been configured with, logs the activity, and then takes the appropriate action to block the user from the suspicious activity.
Active Interception Also known as active inception in the CompTIA 2008 Security+ objectives; normally includes a computer placed between the sender and the receiver in an effort to capture and possibly modify information.
Activex A set of Microsoft technologies used to link desktop applications to Web sites.
Activex Controls A specific way of implementing ActiveX; also called add–ons.
Activity Light An LED on a NIC, hub, or switch that blinks rapidly to show data transfers over the network.
Ad Filtering Ways of blocking and filtering out unwanted advertisement; popup blockers and content filters are considered to use these methods
Ad Hoc Mode A wireless networking mode where each node is in direct contact with every other node in a decentralized free-for all. Similar to the mesh topology.
Add–Ons A specific way of implementing ActiveX; also called ActiveX controls.
Address Munging A method used by end users to provide a fake name or address to post on consumer websites or newsgroups.
Address Resolution Protocol A communications protocol that resolves IP addresses to MAC addresses.
Address Space Layout Randomization A windows vista feature that randomly assigns executable operating system code to different possible locations in memory
Ad-hoc Mode A peer-to-peer wireless configuration where each wireless workstation talks directly to other workstations.
Administrative Accounts Specialized user accounts that have been granted sufficient access rights and authority to manage specified administrative tasks. Some have all authority throughout the system. Others must be explicitly assigned specific powers
Advanced Encryption Standard A block cipher created in the late 1990s that uses a 128-bit block size and a 128-, 192-, or 256-bit key size. Practically uncrackable.
Advanced Persistent Threat A network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time
Adware A program that monitors the types of Web sites you frequent and uses that information to generate targeted advertisements, usually pop-up windows.
Agent In terms of posture assessment, refers to software that runs within a client and reports the client's security characteristics to an access control server to be approved or denied entry to a system.
Agent-less A client that has its posture checked and presented by non-permanent software, such as a Web app program, that executes as part of the connection process. Does not run directly within the client but is run on behalf of the client.
Aggregation A router hierarchy in which every router underneath a higher router always uses a subnet of that router's existing routes.
Air Gap The act of physically separating a network from every other network.
Aircrack-ng An open source tool for penetration testing many aspects of wireless networks.
Alert Proactive message sent from an SNMP manager as a result of a trap issued by an agent. May be sent as email, SMS message, voicemail, or other avenue.
Algorithm A set of rules for solving a problem in a given number of steps.
Allow Permission for data or communication to pass through or to access a resource. Specific allowances through a firewall are called exceptions.
Alternating Current An electrical current that switches its flow back and forth in a circuit
American National Standards Institute The national standards institute of the United States, which facilitates the formation of a variety of national standards, as well as promoting those standards internationally.
Amplification The aspect of a DoS attack that makes a server do a lot of processing and responding.
Amplitude The crest or trough of a wave from the midpoint of the waveform to its top or bottom.
Analog Modulation The process of superimposing a low frequency data signal over a high frequency carrier waveform.
Analog Signal A signal that oscillates over time between minimum and maximum values and can take on any value between those limits.
Angled Physical Contact Fiber-optic connector that makes physical contact between two fiber-optic cables. It specifies an 8-degree angle to the curved end, lowering signal loss. Have less connection degradation from multiple insertions compared to other connectors
Annualized Loss Expectancy The product of the annual rate of occurrence (ARO) and the single loss expectancy (SLE)
Annualized Rate of Occurrence The probability that a risk will occur in a particular year.
Anomaly-Based Monitoring Also known as statistical anomaly based; establishes a performance baseline based on a set of normal network traffic evaluations.
Anti-Malware Program Software that attempts to block several types of threats to a client including viruses, Trojan horses, worms, and other unapproved software installation and execution.
Antispyware Software that helps prevent computers from becoming infected by different types of spyware
Antivirus Software that attempts to prevent viruses from installing or executing on a client. May also attempt to remove the virus or eradicate the effects of a virus after an infection.
Antivirus Software A software program that scans a computer or network for known viruses, Trojans, worms, and other malicious software.
Anycast A method of addressing groups of computers as though they were a single computer. Anycasting starts by giving a number of computers (or clusters of computers) the same IP address. Advanced routers then send incoming packets to the closest of the computers
AP Isolation Each client connected to the AP will not be able to communicate with each other, but they can each still access the Internet.
Apache HTTP Server An open source HTTP server program that runs on a wide variety of operating systems.
Application Firewall A firewall that can control the traffic associated with specific applications. Works all the way up to the Application Layer of the OSI model.
Application layer The OSI layer provides services and utilities that enable applications to access the network and its resources.
Application Level Gateway Applies security mechanisms to specific applications, such as FTP and/or BitTorrent. It supports address and port translation and checks whether the type of application traffic is allowed.
Application Log Tracks application events, such as when an application opens or closes.
Application Programming Interface Shared functions, subroutines, and libraries that allow programs on a machine to communicate with the OS and other programs.
Application Service Provider A business providing computer-based services to customers over a network; such as access to a particular software application (such as customer relationship management) using a standard protocol
Application/Context Aware Advanced feature of some stateful firewalls where the content of the data is inspected to ensure it comes from, or is destined for, an appropriate application.
Application-based IDS An IDS software component that monitors a specific application on a host.
Approval Process One or more decision makers consider a proposed change and the impact of the change, including funding. If the change, the impact, and the funding are acceptable, the change is permitted
Archive The creation and storage of retrievable copies of electronic data for legal and functional purposes.
Archive Bit An attribute of a file that shows whether the file has been backed up since the last change. Each time a file is opened, changed, or saved, the attribute is turned on
Area ID Address assigned to routers in an OSPF network to prevent flooding beyond the routers in that particular network.
Areas Groups of logically associated OSPF routers designed to maximize routing efficiency while keeping the amount of broadcast traffic well managed. Assigned a 32-bit value
ARP cache A table used to maintain a correlation between each MAC address and its corresponding IP address.
ARP Cache Poisoning A man-in-the-middle attack, where the attacker associates his MAC address with someone else's IP address (almost always the router), so all traffic will be sent to him first. The attacker sends out unsolicited ARPs, which can either be requests or replies
ARP Poisoning An attack that exploits Ethernet networks, and it may enable an attacker to sniff frames of information, modify that information, or stop it from getting to its intended destination.
Arp Utility A command that enables an administrator to view and manipulate the ARP cache, including deleting it or adding an entry to it.
Arping A command used to discover hosts on a network, similar to ping, but that relies on ARP rather than ICMP. Won't cross any routers, so it will only work within a broadcast domain.
Asset An entity that has value.
Asset Management Managing each aspect of a network, from documentation to performance to hardware.
Asymmetric Digital Subscriber Line A fully digital, dedicated connection to the telephone system that provides download speeds of up to 9 Mbps and upload speeds of up to 1 Mbps.
Asymmetric-Key Algorithm An encryption method in which the key used to encrypt a message and the key used to decrypt it are different, or asymmetrical.
Asynchronous Communications A communication method in which special start and stop bit patterns are inserted between each byte of data allowing the receiver to distinguish between the bytes in the data stream.
Asynchronous Transfer Mode A cell-switching network technology designed for the high-speed transfer of voice, video, and data in LANs, WANs, and telephone networks.
Attachment Unit Interface Connector A 15-pin D-shaped connector. Also known as a DIX connector, named for the three companies that invented it: Digital Equipment Corporation (DEC), Intel, and Xerox.
Attack Any technique that is used to exploit a vulnerability in any application on a computer system without authorization.
Attacker A term for a user who gains unauthorized access to computers and networks for malicious purposes.
Attenuation The degradation of signal over distance for a networking cable.
Audit Records Operating system logs that contain only security event information
Audit Trails Records or logs that show the tracked actions of users, whether the user was successful in the attempt.
Auditing In security terms, the process of tracking and recording system activities and resource access. Also known as accounting.
Authentication A network security measure in which a computer user or some other network component proves its identity in order to gain access to network resources.
Authentication by Assertion Authentication based entirely on a user name/password combination.
Authentication Header Protects the non–changing elements in the Ipheader, enabling data–origin authentication
Authentication Header Protocol A protocol that IPSec uses to provide data integrity through the use of MDS and SHA. Takes an IP packet and uses either MDS or AH to hash the IP header and the data payload, and then adds its own header to the packet.
Authentication Methods (3) 1. Something you know (ie password) 2. Something you have (ie token) 3. Something you are (ie biometrics)
Authentication Server In Kerberos, a system that hands out Ticket-Granting Tickets to clients after comparing the client hash to its own.
Authentication, Authorization, and Accounting A security philosophy wherein a computer trying to connect to a network must first present some form of credential in order to be authenticated and then must have limitable permissions within the network.
Authenticator The device in between the supplicant and the authentication server, such as a wireless access point. Can be simple and dumb – all of the brains have to be in the supplicant and the authentication server.
Authoritative DNS Servers DNS servers that hold the IP addresses and names of systems for a particular domain or domains in special storage areas called forward lookup zones. They also have reverse lookup zones.
Authoritative Name Server A name server that responds to name-related queries in one or more zones.
Authoritative Name Servers Another name for authoritative DNS servers
Authorization In security terms, the process of determining what rights and privileges a particular entity has.
Automated Patch Update Service A locally managed patch update service that is used to distribute patches instead of relying upon the vendor's online update service.
Automatic Private IP Addressing A networking feature in operating systems that enables DHCP clients to self-configure an IP address and subnet mask automatically when a DHCP server isn't available.
Autonomous System One or more networks that are governed by a single protocol, which provides routing for the Internet backbone.
Availability The fundamental security goal of ensuring that systems operate continuously and that authorized persons can access data that they need.
Back to-Back Perimeter A type of DMZ where the DMZ is located between the LAN and the Internet.
Back Up To save important data in a secondary location as a safety precaution against the loss of the primary data.
Backdoor Typically a program, such as BackOrifice, that opens and holds a dynamic port number open while the intruder uses that port number to "respond" to the program
Backoff The random amount of time a node in a CSMA/CD network waits after a collision has occurred; a typical period is a few milliseconds long.
Backup Designated Router A second router set to take over if the designated router fails.
Backup Generator An onsite generator that provides electricity if the power utility fails.
Baiting When a malicious individual leaves malware-infected removable media, such as a USB drive or optical disc, lying around in plain view.
Bandwidth The average number of bits of data that can be transmitted from a source to a destination over the network in one second. Also the capacity of a network to transmit a given amount of data during a given period.
Bandwidth Saturation When the frequency of a band is filled to capacity due to the large number of devices using the same bandwidth.
Banner Grabbing When a malicious user gains access to an open port and uses it to probe a host to gain information and access, as well as learn details about running services.
Baseband Digital signaling that has only one signal (a single signal) on the cable at a time. The signals must be in one of three states: one, zero, or idle.
Baseband Transmission A transmission technique in which digital signaling is used to send data over a single transmission medium using the entire bandwidth of that medium.
Baseline Static image of a system's (or network's) performance when all elements are known to be working properly.
Baseline Reporting Identification of the security posture of an application, system, or network.
Baselining The process of measuring changes in networking, hardware, software, and so on.
Basic Input/Output System A coded program embedded on a processor chip that recognizes and controls different devices on the computer system..
Basic NAT A simple form of NAT that translates a computer's private or internal IP address to a global IP address on a one-to one basis.
Basic Rate Interface The basic ISDN configuration, which consists of two B channels (which can carry voice or data at a rate of 64 Kbps) and one D channel (which carries setup and configuration information, as well as data, at 16 Kbps).
Basic Service Set In wireless networking, a single access point servicing a given area.
Basic Service Set Identifier Naming scheme in wireless networks.
Bastion Host System located in a DMZ or connected to the internet that has been hardened against hackers
Baud One analog cycle on a telephone line.
Baud Rate The number of bauds per second. In the early days of telephone data transmission, this was often analogous to bits per second. Due to advanced modulation as well as data compression, this is no longer true.
Bayesian Filtering An advanced method for detecting spam.
Bearer Channel A type of ISDN channel that carries data and voice information using standard DS0 channels at 64 Kbps.
Behavior-Based Monitoring A monitoring system that looks at the previous behavior of applications, executables, and/or the operating system and compares that to current activity on the system.
Biometric Human physical characteristic that can be measured and saved to be compared as authentication in granting the user access to a network or resource. Includes fingerprints, facial scans, retinal scans, voice pattern recognition, and others.
Biometric Devices Devices that scan fingerprints, retinas, or even the sound of the user's voice to provide a foolproof replacement for both passwords and smart devices.
Biometrics Authentication schemes based on an individual's physical characteristics.
Birthday Attack A brute force attack that takes advantage of the Birthday Paradox to simplify the attack.
Bit Error Rate Test An end-to-end test that verifies a T-carrier connection.
Bits Per Second A measurement of how fast data is moved across a transmission medium
Bittorrent A type of p2p network that maximizes transfer speeds by gathering pieces of a file and downloading them separately.
Black Hat A hacker who exposes vulnerabilities for financial gain or for some malicious purpose.
Blacklist A list of senders for which the user does not want to receive e–mail.
Blackout When a total loss of power for a prolonged period occurs.
Block Access that is denied through to or from a resource. May be implemented in a firewall, access control server, or other secure gateway
Block Cipher An encryption algorithm in which data is encrypted in "chunks" of a certain length at a time. Popular in wired networks.
Blocks Contiguous ranges of IP addresses that are assigned to organizations and end users by IANA
Bluejacking A method used by attackers to send out unwanted Bluetooth signals from PDAs, mobile phones, and laptops to other Bluetooth-enabled devices.
Bluesnarfing A process in which attackers gain access to unauthorized information on a wireless device using a Bluetooth connection.
Bluetooth A wireless technology that facilitates short-range wireless communication between devices such as personal computers, laptop, cellular phones, and gaming consoles, thus creating a WPAN.
Bluetooth security modes SM1(promiscous) < SM2 (establish security after pairing) < SM3 (establish security required first)
BNC Connector A connector used for 10Base2 coaxial cable. Have to be locked into place by turning the locking ring 90 degrees.
BNC Coupler Passive connector used to join two segments of coaxial cables that are terminated with BNC connectors.
Bonding Two or more NICs in a system working together to act as a single NIC to increase performance.
Boot Virus A virus that infects the Master Boot Record (MBR) of a hard disk drive.
Bootstrap Protocol A UDP network protocol that helps diskless workstation computers get an IP address before loading an advanced operating system.
Border Gateway Protocol A path-vector protocol used by ISPs to establish routing between one another.
Border Router A router situated on the edge of an AS that connects the AS to one or more remote networks.
Bot Herder An attacker who controls several botnets.
Botnet A group of computers under the control of one operator, used for malicious purposes.
Bottleneck A component of a system that performs poorly when compared to other components and reduces the overall system performance.
Bounce A signal sent by one device taking many different paths to get to the receiving systems.
Bounded Media A networking medium that uses a physical conductor, typically made of metal or glass.
Branching Factor In a physical tree topology, the number of point-to-point connections that are consistently found between a node and the nodes beneath it in the tree structure.
Bridge A device that connects two networks and passes traffic between them based only on the node address, so that traffic between nodes on one network does not appear on the other network.
Bridge Loop A negative situation in which bridging devices (usually switches) are installed in a loop configuration, causing frames to loop continuously. Switches using Spanning Tree Protocol (STP) prevent this by automatically turning off looping ports.
Bridge Protocol Data Unit Frame that contains information about the Spanning tree protocol (STP)
Bridged Connection An early type of DSL connection that made the DSL line function the same as if you snapped an Ethernet cable into your NIC.
Bridging Loop A physical wiring of a circuitous path between two or more switches, causing frames to loop continuously. Implementing Spanning Tree Protocol (STP) in these devices will discover and block looped paths.
Bring Your Own Device A trend wherein users bring their own network-enabled devices to the work environment. These cell phones, tablets, notebooks, and other mobile devices must be easily and securely integrated and released from corporate network environments
Broadband Analog signaling that sends multiple signals over the cable at the same time. The best example is cable television. The zero, one, and idle states exist on multiple channels on the same cable
Broadband over Powerlines A technology that allows domestic power lines for broadband transmission.
broadband transmission A transmission technique in which analog signaling is used to send data over a transmission medium using a portion of the medium's bandwidth.
Broadcast A frame or packet addressed to all machines, almost always limited to a broadcast domain.
Broadcast Address The address a NIC attaches to a frame when it wants every other NIC on the network to read it. In TCP/IP, the general one of these is 255.255.255.255.
Broadcast Domain A logical area in a computer network where any node connected to the computer network can directly transmit to any other node in the domain without a central routing device. A network of computers that hear each other's broadcasts. Also Collision Domain
Broadcast Radio A form of RF networking that is non-directional, uses a single frequency for transmission, and comes in low- and high-power versions.
Broadcast Storm The result of one or more devices sending a nonstop flurry of broadcast frames on the network.
Broadcast Transmission A transmission method in which data goes from a source node to all other nodes on a network.
Brownout When the voltage drops to such an extent that it typically causes the lights to dim and causes computers to shut off.
Browser A software program specifically designed to retrieve, interpret, and display Web pages.
Brute Force Attack A type of password attack where an attacker uses an application to exhaustively try every possible alphanumeric combination to try to crack encrypted passwords.
Buffer Overflow An attack that targets system vulnerability to cause the device operating system to crash or reboot and may result in loss of data or execute rogue code on devices.
Buffer Overflow Exploit An anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory
Buffering A flow control technique in which received data is stored on a temporary high-speed memory location.
Building Entrance Location where all the cables from the outside world (telephone lines, cables from other buildings, and so on) come into a building.
Bus Topology A network topology that uses a single bus cable that connects all of the computers in a line. These entworks must be terminated to prevent signal reflection.
Business Continuity Planning The process of defining the steps to be taken in the event of a physical corporate crisis to continue operations.
Business Impact Analysis The examination of critical versus noncritical functions, it is part of a business continuity plan (BCP).
Business Partners Agreement Written agreement between two or more individuals who join as partners to form and carry on a for-profit business.
Butt Set A special type of telephone used by telecom technicians when installing and testing local lines. Also known as a lineman's test set.
Byte Eight contiguous bits, the fundamental data unit of personal computers. Storing the equivalent of one character, the byte is also the basic unit of measurement for computer storage
Cabinet Files These files are compressed and most commonly used during Microsoft operating system installation to store many smaller files, such as device drivers.
Cable Certifier A very powerful cable testing device used by professional installers to test the electrical characteristics of a cable and then generate a certification report, proving that cable runs pass TIA/EIA standards.
Cable Certifiers A type of certifier that can perform tests, such as cable testing and validity testing.
Cable Drop Location where the cable comes out of the wall at the workstation location.
Cable Internet Access A WAN connectivity technology that uses a cable television connection and a cable modem to provide high-speed Internet access to homes and small businesses.
Cable Modem A bridge device that interconnects the cable company's DOCSIS service to the user's Ethernet network. In most locations, this is the demarc.
Cable Stripper Device that enables the creation of UTP cables.
Cable Tester A generic name for a device that tests cables. Some common tests are continuity, electrical shorts, crossed wires, or other electrical characteristics. Also called a media tester.
Cable Tray A device for organizing cable runs in a drop ceiling.
Cache A special area of RAM that stores frequently accessed data
Cached Lookup The list kept by a DNS server of IP addresses it has already resolved, so it won't have to re-resolve an FQDN it has already checked.
Cache-Only DNS Servers DNS servers that do not have any forward lookup zones. They resolve names of systems on the Internet for the network, but are not responsible for telling other DNS servers the names of any clients.
Caching Engine A server dedicated to storing cache information on your network to provide faster responses to future requests for the data. These servers can reduce overall network traffic dramatically.
Cacti Popular network graphing program.
California Database Security Breach Act A state act that requires disclosure to California residents if a breach of personal information has or is believed to have occurred.
Campus Area Network A network installed in a medium-sized space spanning multiple buildings.
Canonical Name Record A DNS record that maps multiple canonical names (aliases) to one A record.
Capture File A file in which the collected packets from a packet sniffer program are stored.
Capturing a Printer A process by which a printer uses a local LPT port that connects to a networked printer. This is usually only done to support older programs that are not smart enough to know how to print directly to a UNC-named printer; it's quite rare today.
Card Generic term for anything that you can snap into an expansion slot.
Carrier Protocol The protocol used by the network (IP on the Internet) that the information is traveling over
Carrier Sense Multiple Access with Collision Avoidance Access method used mainly on wireless networks. Before hosts send out data, first listen for traffic. If the network is free, they send out a signal that makes sure the network is free of other signals. If data is detected, wait random time and try again
Carrier Sense Multiple Access with Collision Detection Access method that Ethernet systems use in wired LAN technologies. Hosts listen to hear of there is any data on the wire. If there is none, they send out data. If a collision occurs, then both hosts wait a random time period before retransmitting
Carrier Signal A high frequency signal that is superimposed on an analog signal to carry information.
CAT 3 Category 3 wire, a TIA/EIA standard for UTP wiring that can operate at up to 16 Mbps.
CAT 4 Category 4 wire, a TIA/EIA standard for UTP wiring that can operate at up to 20 Mbps. This wire is not widely used, except in older Token Ring networks.
CAT 5 Category 5 wire, a TIA/EIA standard for UTP wiring that can operate at up to 100 Mbps.
CAT 5e Category 5e wire, a TIA/EIA standard for UTP wiring with improved support for 100 Mbps using two pairs and support for 1000 Mbps using four pairs.
CAT 6 Category 6 wire, a TIA/EIA standard for UTP wiring with improved support for 1000 Mbps.
Category (CAT) Rating A grade assigned to cable to help network installers get the right cable for the right network technology. Officially rated in megahertz (MHz), indicating the highest-frequency bandwidth the cable can handle.
Cell The area covered by a wireless access point Alternatively, a cell is a type of network, similar to a packet switching network, in which data is transmitted as fixed-length packets
Cell Switching Network A type of network, similar to a packet switching network, in which data is transmitted as fixed-length packets called cells.
Cells The coverage areas for cellular communications
Cellular Telphones Portable communications devices that function in a manner unlike wired telephones.
Central Office Building that houses local exchanges and a location where individual voice circuits come together.
Centralized Network A network in which a central host computer controls all network communication and performs data processing and storage on behalf of clients.
Certificate A public encryption key signed with the digital signature from a trusted third party called a certificate authority (CA). This key serves to validate the identity of its holder when that person or company sends data to other parties.
Certificate Authority A server that can issue digital certificates and the associated public/private key pairs.
Certificate Management System A system that provides the software tools to perform the day-to-day functions of a PKI.
Certificate Multi–Factor Authentication Uses more than one authentication mechanism at the same time (ie ATM card + PIN)
Certificate Repository A database containing digital certificates.
Certificate Revocation List A list of certificates no longer valid or that have been revoked by the issuer.
Certificate Signing Request A message sent from an applicant to a Certificate Authority in order to apply for a digital identity certificate
Certifier A device that tests a cable to ensure that it can handle its rated amount of capacity.
Chain of Custody A document used to track the collection, handling, and transfer of evidence.
Challenge Handshake Authentication Protocol An encrypted remote-access authentication method that enables connections from any authentication method requested by the server, except for PAP and SPAP unencrypted authentication.
Change Management The process of initiating, approving, funding, implementing, and documenting significant changes to the network.
Change Management Documentation A set of documents that defines procedures for changes to the network.
Change Management Team Personnel who collect change requests, evaluate the change, work with decision makers for approval, plan and implement approved changes, and document the changes.
Change Request A formal or informal document suggesting a modification to some aspect of the network or computing environment.
Channel A portion of the wireless spectrum on which a particular wireless network operates. Enables separation of the networks.
Channel Bonding Wireless technology that enables wireless access points (WAPs) to use two channels for transmission.
Channel Service Unit a digital-interface device used to connect a data terminal equipment (DTE), such as a router, to a digital circuit, such as a Digital Signal 1 (T1) line
Channel Service Unit/Data Service Unit A combination of two WAN connectivity devices on a Frame Relay network that work together to connect a digital WAN line with a customer's LAN.
Chat A multiparty, real-time text conversation
Checksum A simple error-detection method that adds a numerical value to each data packet, based on the number of data bits in the packet. The receiving node applies the same formula to the data and verifies that the numerical value is the same
Chief Information Officer An executive job title commonly given to the person at an enterprise in charge of information technology (IT) strategy and the computer systems required to support an enterprise's objectives and goals
Chief Security Officer The company executive responsible for the security of personnel, physical assets and information in both physical and digital form
Chief Technology Officer An executive-level position in a company or other entity whose occupation is focused on scientific and technological issues within an organization
Children'S Online Privacy Protection Act A U.S. federal act that requires operators of online services or Wev sites directed at children under the age of 13 to obtain parental consent prior to the collection, use, disclosure, or display of a child's personal information
Chips Multiple data signals generated in the DSSS technique.
Chromatic Dispersion The refraction of light as in a rainbow. If light is refracted in such a manner on fiber optic cables, the signal cannot be read by the receiver.
Cipher A method for concealing the meaning of text. A series of complex and hard-to-reverse mathematics run on a string of ones and zeroes in order to make a new set of seemingly meaningless ones and zeroes.
Cipher Feedback A mode of operation for a block cipher
Cipher Lock A door unlocking system that uses a door handle, a latch, and a sequence of mechanical push buttons.
Ciphertext Data that has been encoded with a cipher and is unreadable.
Ciphertext Attack A vulnerability of all crypto–systems, but mainly PGP and Open–PGP. The cryptoanalyst works from the cipher text alone, but is able to gather enough data to infer the rest. Especially weak, if the same cipher or key is used to sign and encrypt the email
Circuit Switching The process for connecting two phones together on one circuit.
Circuit Tester An electrical instrument that displays whether an electrical outlet is wired correctly.
Circuit-Level Gateway Works at the Session Layer of the OSI model and applies security mechanisms when a TCP or UDP connection is established; they act as a go-between for the Transport and Application Layers in TCP/IP.
Cisco IOS Cisco's proprietary operating system.
Cladding The part of a fiber-optic cable that makes the light reflect down the fiber.
Class A addresses A block of imp addresses from 1.0.0.0 to127.255.255.255 that provides the largest number of nodes (16,777,214) for the smallest number of networks (126), thus increasing the number of nodes per network.
Class B addresses A block of IP addresses from 128.0.0.0 to191.255.255.255 that provides a good balance between the number of networks and the number of nodes per network-16,382 networks of 65,534 nodes each.
Class C addresses A block of IP addresses from 192.0.0.0 to223.255.255.255 that provides the largest number of networks (2,097,150) and the smallest number of nodes per network (254).
Class D addresses A block of IP addresses from 224.0.0.0 to239.255.255.255 used to support multicast sessions.
Class E addresses A block of IP addresses from 240.0.0.0 to255.255.255.255 used for research and experimentation purposes.
Class License Contiguous chunk of IP addresses passed out by the Internet Assigned Numbers Authority (IANA).
Class of Service A prioritization value used to apply to services, ports, or whatever a quality of service (QoS) device might use.
Classless Inter Domain Routing A subnetting method that selects a subnet mask that meets an individual network's networking and node requirements and then treats the mask like a 32-bit binary word.
Classless Subnet A subnet that does not fall into the common categories such as Class A, Class B, and Class C.
Cleartext The unencrypted form of data. Also known as plaintext
Cleartext Credentials Any login process conducted over a network where account names, passwords, or other authentication elements are sent from the client or server in an unencrypted fashion.
Client A network computer that utilizes the resources of other network computers.
Client/Server A relationship in which client software obtains services from a server on behalf of a user.
Client/Server Application An application that performs some or all of its processing on an application server rather than on the client. The client usually only receives the result of the processing.
Client/Server Network A network that has dedicated server machines and client machines.
Client-to-Site A type of VPN connection where a single computer logs into a remote network and becomes, for all intents and purposes, a member of that network.
Closed-Circuit Television A self-contained, closed system in which video cameras feed their signal to specific, dedicated monitors and storage devices.
Cloud Computing Using the Internet to store files and run applications
Cloud Service Provider A company that offers some component of cloud computing
Cloud/Server Based Remote storage and access of software, especially anti-malware software, where it can be singularly updated. This central storage allows users to access and run current versions of software easily, but it doesn't run automatically on the local client
Cluster Two or more servers that work with each other.
Coarse Wavelength Division Multiplexing An optical multiplexing technology in which a few signals of different optical wavelength could be combined to travel a fairly short distance.
Coax A common abbreviation for coaxial cable.
Coaxial Cable A type of cable that contains a central conductor wire surrounded by an insulating material, which in turn is surrounded by a braided metal shield. The center wire and the braided metal shield share a common axis or centerline.
Codec Software or hardware that codes and decodes digital data to and from the analog format.
Cold Site A predetermined alternate location where a network can be rebuilt after a disaster. A location that consists of a building, facilities, desks, toilets, parking, and everything that a business needs except computers.
Cold Spare A duplicate piece of backup equipment that can be configured to use as an alternate if needed.
Collision The result of two nodes transmitting at the same time on a multiple access network such as Ethernet. Both frames may be lost or partial frames may result.
Collision Domain Another name for a contention domain. (Broadcast Domain)
Collision Light A light on some older NICs that flickers when a network collision is detected.
Comité Consutatif Internationale Téléphonique et Télégraphique European standards body that established the V standards for modems.
Command A request, typed from a terminal or embedded in a file, to perform an operation or to execute a particular program.
Common Access Card A "smart" card about the size of a credit card, is the standard identification for active duty uniformed service personnel
Common Address Redundancy Protocol A redundancy protocol that allows a number of computers to be grouped together to use a single virtual network interface between them.
Common Gateway Interface Scripts that manipulate data and enable user interaction on Web servers.
Common Internet File System The protocol that NetBIOS used to share folders and printers. Still very common, even on UNIX/Linux systems.
Community Cloud A private cloud paid for and used by more than one organization.
Companion Virus A virus that adds a program to the operating system that is a copycat "companion" to a legitimate program.
Compatibility Issue When different pieces of hardware or software don't work together correctly.
Compatibility Requirements With respect to network installations and upgrades, requirements that deal with how well the new technology integrates with older or existing technologies.
Complete Algorithm A cipher and the methods used to implement that cipher.
Completely Automated Public Turing test to tell Computers and Humans Apart A type of challenge-response test used in computing to determine whether or not the user is human
Compulsory Tunnels VPN tunnels that are established by the WAN carrier without involvement from client endpoints.
Computer Emergency Response Team Expert group that handles computer security incidents
Computer Forensics The science of gathering, preserving, and presenting evidence stored on a computer or any form of digital media that is presentable in a court of law.
Computer Incident Response Team A group that handles events involving computer security breaches
Computer Network A group of computers that are connected together to communicate and share network resources.
Computer Security Audits Technical assessments made of applications, systems, or networks.
Concentrator A device that brings together at a common center connections to a particular kind of network (such as Ethernet) and implements that network internally.
Confidentiality The fundamental security goal of keeping information and communications private and protecting them from unauthorized access.
Confidentiality, Integrity, Availability The three principles of security control and management. Also known as the information security triad or information security triple.
Configuration Baseline Operating system configurations settings that will be used for each computer in the organization.
Configuration Management A set of documents, policies, and procedures designed to help you maintain and update your network in a logical, orderly fashion.
Configuration Management Documentation Documents that define the configuration of a network. These would include wiring diagrams, network diagrams, baselines, and policy/procedure/configuration documentation.
Configurations The settings stored in devices that define how they are to operate.
Connection A virtual link between two nodes established for the duration of a communication session.
Connectionless A type of communication characterized by sending packets that are not acknowledged by the destination host. UDP is the quintessential version of this protocol in the TCP/IP suite.
Connectionless Communication A protocol that does not establish and verify a connection between the hosts before sending data; it just sends the data and hopes for the best. This is faster than connection-oriented protocols
Connection-Oriented Network communication between two hosts that includes negotiation between the hosts to establish a communication session. Data segments are then transferred between hosts, with each segment being acknowledged before a subsequent segment can be sent
Connection-Oriented Communication A protocol that establishes a connection between two hosts before transmitting data and verifies receipt before closing the connection between the hosts. TCP is an example of this protocol.
Connector A metal device at the end of a wire to connect video equipment and network nodes in a LAN.
Console Port Connection jack in a switch used exclusively to connect a computer that will manage the switch.
Content Addressable Memory Table A table that is in a switch’s memory that contains ports and their corresponding MAC addresses.
Content Filters Individual computer programs that block external files that use JavaScript or images from loading into the browser.
Content Management System A computer application that supports the creation and modification of digital content. It is often used to support multiple users working in a collaborative environment.
Content Protection Obfuscation of the data within a conversation "protected movie dvd"
Content Switch Advanced networking device that works at least at Layer 7 (Application layer) and hides servers behind a single IP.
Contention Domain A contention-based network on which a group of nodes compete with each other for access to the media.
Contention-based Media Access A media access method in which nodes compete or cooperate among themselves for media access time. Also called competitive media access.
Context Protection Obfuscation of the identity of the sender and receiver of data
Contingency Planning The process of creating documents that set about how to limit damage and recover quickly from an incident.
Continuity The physical connection of wires in a network.
Continuity Of Operation Planning Planning that helps to ensure trouble-free operations through unanticipated events
Continuity Tester Inexpensive network tester that can only test for continuity on a line.
Controlled Media Access A media access method in which a central device or system controls when and for how long each node can transmit Also called deterministic media access.
Controller Area Network A vehicle bus standard designed to allow microcontrollers and devices to communicate with each other in applications without a host computer.
Convergence Point at which the routing tables for all routers in a network are updated.
Cookies Text files placed on the client computer that store information about it, which could include your computer’s browsing habits and credentials
Copper Media A type of bounded media that uses one or more copper conductors surrounded by a non-conductive insulated coating.
Copy Backup A type of backup similar to Normal or Full, in that all selected files on a system are backed up. This type of backup does not change the archive bit of the files being backed up.
Core The central glass of the fiber-optic cable that carries the light signal.
Corrective Action Report Procedure used to originate a corrective action. It is used as response to a defect. In simple words, it means an action/actions adopted to eliminate the problem from occurring again
Cost The number of hops along a route between two networks.
Counter An individual statistic about the operation of system objects such as software processes or hardware components, monitored by a performance monitor.
Counter Mode with Cipher Block Chaining Message Authentication Code Protocol An AES cipher-based encryption protocol used in WPA2.
Cracker A user who breaks encryption codes, defeats software copy protections, or specializes in breaking into systems.
Crimper Also called a crimping tool, the tool used to secure a crimp (or an RJ 5 connector) onto the end of a cable.
Crossover Cable A specially terminated UTP cable used to interconnect routers or switches, or to connect network cards without a switch. Reverse the sending and receiving wire pairs from one end to the other.
Cross-Platform Support Standards created to enable terminals (and now operating systems) from different companies to interact with one another.
Cross-Site Request Forgery An attack that exploits the trust a website has in a user’s browser in an attempt to transmit unauthorized commands to the website.
Cross-Site Scripting Using client–side scripts typically written in JavaScript that are designed to extract information from the victim and then pass the information to the attacker.
Crosstalk Electrical signal interference between two cables that are in close proximity to each other.
Cryptanalysis Attack A password attack uses a considerable set of precalculated encrypted passwords located in a lookup table.
Cryptographic Hash Functions Hash functions based on block ciphers.
Cryptography The science of hiding information to protect sensitive information and communication from unauthorized access.
Custom TCP/IP Subnet A class of leased addresses that are divided into smaller groups to serve a network's needs.
Customer Relationship Management An approach to managing a company's interactions with current and future customers. It often involves using technology to organize, automate, and synchronize sales, marketing, customer service, and technical support
Customer-Premises Equipment The primary distribution box and customer-owned/managed equipment that exists on the customer side of the demarc.
Cybercrime Targeted attacks against financial networks, unauthorized access to information, and the theft of personal information.
Cybercriminals A loose–knit network of attackers, identity thieves, and financial fraudsters that are more highly motivated, less risk–averse, better funded, and more tenacous than hackers.
Cyberterrorism Attacks launched by cyberterrorists that could cripple a nation's electronic and commercial infrastructure.
Cyberterrorist An attacker motivated by ideology to attack computers or infrastructure networks.
Cycle One complete oscillation of an analog signal.
Cyclic Redundancy Check An error detection method that can be applied to blocks of data, rather than individual words. Both the sender and receiver calculate; if they match, the data is assumed to be valid.
Daemon A background process that performs a specific operation.
Daily Backup Also called a daily copy backup, makes a copy of all files that have been changed on that day without changing the archive bits of those files.
Daisy-chain A method of connecting together several devices along a bus and managing the signals for each device.
Data Backup The process of creating extra copies of data to be used in case the primary data source fails.
Data Classification The process of assigning a level of business importance, availability, sensitivity, security, and regualtion requirements to data.
Data Communications Equipment Interface devices such as modems on a Frame Relay network.
Data Emanation The electromagnetic field generated by a network cable or network device, which can be manipulated to eavesdrop on conversations or to steal data.
Data Encryption Standard A shared-key encryption algorithm that uses a 56-bit encryption key to encode data in 64-bit blocks.
Data Execution Prevention A windows feature that uses a CPU's ability to mark sections of a computer's memory as exclusively for data and not for code.
Data Link layer An OSI layer responsible for error-free transfer of data packets between nodes on the network.
Data Loss Prevention Strategy for making sure that end users do not send sensitive or critical information outside the corporate network
Data Over Cable Service Interface Specification The unique protocol used by cable modem networks.
Data Packet A unit of data transfer between computers that communicate on a network.
Data Service Unit Piece of telecommunications circuit terminating equipment that transforms digital data between telephone company lines and local equipment
Data Termination Equipment Interface devices such as NICs and routers on a Frame Relay network.
Data Theft A type of attack in which unauthorized access is used to obtain protected network information.
Data Transmission The transfer of data between computers or other electronic devices through a network.
Data Window A flow control technique in which multiple packets are sent as a unit. The recipient acknowledges each of these rather than each packet, resulting in higher throughput.
Database Administrator Performs activities to ensure that a database is always available as needed
Datagram A connectionless transfer unit created with User Datagram Protocol designed for quick transfers over a packet switched network.
DB-25 A 25-pin, D-shaped subminiature connector, typically use in parallel and older serial port connections.
DB-9 A 9-pin, D-shaped subminiature connector, often used in serial port connections.
Dead Spot A place that should be covered by the network signal but where devices get no signal.
Decibel A measurement of the quality of a signal.
Deciphering The process of reversing a cipher.
Dedicated Circuit A circuit that runs from a breaker box to specific outlets.
Dedicated Line A telephone line that is an always open, or connected, circuit. Usually do not have telephone numbers.
Dedicated Lines A telecommunication path that is available 24 hours a day for use by a designated user.
Dedicated Server A machine that does not use any client functions, only server functions.
De-encapsulation The process of stripping all the extra header information from a packet as the data moves up a protocol stack.
Default A software function or operation that occurs automatically unless the user specifies something else.
Default Account An account installed by default on a device or within an operating system with a default set of user credentials that are usually insecure.
Default Gateway An IP address of the router that routes remote traffic from the computer's local subnet to remote subnets.
Defense in Depth The building up and layering of security measures that protect data from inception, on through storage and network transfer, and lastly to final disposal.
Definition Files Antivirus update files; also known as signature files.
Delta Channel A type of ISDN line that transfers data at 16 Kbps.
Demand Priority A polling technique in which nodes signal their state--either ready to transmit or idle--to an intelligent hub. The hub polls the state of each node and grants permission to transmit in turn.
Demarc A device that marks the dividing line of responsibility for the functioning of a network between internal users and upstream service providers. Point where a building's wiring ends and the telephone company's wiring begins.
Demarc Extension Any cabling that runs from the network interface to whatever box is used by the customer as a demarc.
Demilitarized Zone A small section of a private network that is located between two firewalls and made available for public access.
Demodulation The process of decoding or removing a low frequency data signal from a high frequency carrier waveform.
Demultiplexer Device that can extract and distribute individual streams of data that have been combined together to travel along a single shared network cable.
Demultiplexing A process that converts the multiplexed signals to independent signals.
Denial of Service An effort to prevent users from gaining normal use of a resource
Denial of Service Attack An attack that floods a networked server with so many requests that it becomes overwhelmed and ceases functioning.
Dense Wavelength Division Multiplexing An optical multiplexing technology in which a large number of optical signals of different optical wavelength could be combined to travel over relatively long fiber cables.
DES - Number of Rounds 16
DES Blocksize 64 bits
DES Key Length 56 bits
Designated Router The main router in an OSPF network that relays information to all other routers in the area.
Destination Network Address Translation Performed on incoming packets, when the firewall translates a public destination address to a private address
Destination Port A fixed, predetermined number that defines the function or session type in a TCP/IP network.
Device Driver A subprogram to control communications between the computer and some peripheral hardware.
Device ID The last six digits of a MAC address, identifying the manufacturer's unique serial number for that NIC.
Device Types/Requirements With respect to installing and upgrading networks, these determine what equipment is needed to build the network and how the network should be organized.
DHCP Lease Created by the DHCP server to allow a system requesting DHCP IP information to use that information for a certain amount of time.
DHCP Relay A router process that, when enabled, passes DHCP requests and responses across router interfaces. In common terms, DHCP communications can cross from one network to another within a router that has this enabled and configured.
DHCP relay agent A service that captures a BOOTP broadcast and forwards it through the router as a unicast transmission to a DHCP server on a remote subnet.
DHCP Scope The pool of IP addresses that a DHCP server may allocate to clients requesting IP addresses or other IP information like DNS server addresses.
DHCP Snooping Switch process that monitors DHCP traffic, filtering out DHCP messages from untrusted sources. Typically used to block attacks that use a rogue DHCP server.
Dialectric An insulator-a material that does not conduct electricity by separating the conductor and shield. The entire package is wrapped in an insulating layer called a sheath or jacket.
Dial-up Lines Telephone lines with telephone numbers; they must dial to make a connection, as opposed to a dedicated line.
Dial-up Modem A communication device that converts a computer's digital signals into analog signals before transmission over telephone lines.
Diameter An authentication protocol that is an updated version of RADIUS and improves on some of its features.
Dictionary Attack A type of password attack that automates password guessing by comparing encrypted passwords against a predetermined list of possible password values.
Differential Backup Similar to an incremental backup in that it backs up the files that have been changed since the last backup. This type of backup does not change the state of the archive bit.
Differential Signaling A noise reduction technique in which the signals from two inputs are compared; signals that are identical on the two inputs are ignored, while those that are different on the inputs are accepted
Differentiated Services The underlying architecture that makes quality of service (QoS) work.
Diffie–Hellman Key Exchange A method where two strange computers can agree on a secure password, over a non–secure network, which can subsequently be used for IPSEC encryption. It is the first step of a secure conversation.
Digital Certificate An electronic document that associates credentials with a public key.
Digital Signal An electrical signal that can have combinations of only two values: one and zero.
Digital Signal 1 The signaling method used by T1 lines, which uses a relatively simple frame consisting of 25 pieces: a framing bit and 24 channels. Holds a single 8-bit DS0 data sample. Frames have a total throughput of 1.544 Mbps.
Digital Signal Hierarchy A channelized data transmission standard used to multiplex several single data or voice channels for a greater total bandwidth.
Digital Signal Modulation A process of representing digital data with an analog signal so that digital data can be transmitted between different digital devices.
Digital Signal Processor A specialized microprocessor-like device that processes digital signals at the expense of other capabilities, much as the floating-point unit (FPU) is optimized for math functions
Digital Signature An encrypted hash of a private encryption key that verifies a sender's identity to those who receive encrypted data or messages.
Digital Signature Algorithm Standard for digital signatures
Digital Subscriber Line A broadband Internet connection method that transmits digital signals over existing phone lines.
Digital Volt Meter Uses an analog-to-digital converter to display numeric voltage readings.
Dipole Antenna The standard straight-wire antenna that provides most omnidirectional function.
Direct Current A type of electric current that flows unidirectionally.
Direct Sequence Spread Spectrum A type of radio transmission in which a single data signal is converted into multiple digital data signals called chips.
Directional Antenna A type of antenna that concentrates the signal beam in a single direction.
Directory Entry Table A logical link between a directory and the files it contains that is implemented by the NTFS.
Directory Traversal Also known as the ../ (dot dot slash) attack is a method of accessing unauthorized parent directories.
Disaster A catastrophic loss of system functioning due to a cause that cannot reasonably be foreseen or avoided.
Disaster Recovery The means and methods to recover primary infrastructure from a disaster. Starts with a plan and includes data backups.
Disaster Recovery Plan A policy and set of procedures that documents how people and resources will be protected in case of disaster, and how the organization will recover from the disaster and restore normal functioning.
Discover Part of the pretrial phase of a lawsuit in which each party through the law of civil procedure can request documents and evidence.
Discretionary Access Control Authorization method based on the idea that there is an owner of a resource who may at his or her discretion assign access to that resource. Considered much more flexible than mandatory access control (MAC).
Disk Duplexing When each disk is connected to a separate controller.
Disk Mirroring Process by which data is written simultaneously to two or more disk drives. Read and write speed is decreased but redundancy, in case of catastrophe, is increased. Also known as RAID level 1
Disk Striping Process by which data is spread among multiple (at least two) drives. It increases speed for both reads and writes of data, but provides no fault tolerance. Also known as RAID level 0.
Disk Striping with Parity Process by which data is spread among multiple (at least three) drives, with parity information as well to provide fault tolerance. The most commonly implemented type is RAID 5, where the data and parity information is spread across three or more drives.
Dispersion Diffusion over distance of light propagating down fiber cable.
Distance Vector Set of routing protocols that calculates the total cost to get to a particular network ID and compares that cost to the total cost of all the other routes to get to that same network ID.
Distance-Vector Routing Each router passes a copy of its routing table to its adjacent neighbors. The neighbor adds the route to its own table, incrementing the metric to reflect the extra distance to the end network. Distance is hop count; Vector is address of next hop
Distributed Control System A small controller added directly to a machine used to distribute the computing load.
Distributed Coordination Function One of two methods of collision avoidance defined by the 802.11 standard and the only one currently implemented. Specifies strict rules for sending data onto the network media
Distributed Denial of Service Multicomputer assault on a network resource that attempts, with sheer overwhelming quantity of requests, to prevent regular users from receiving services from the resource.
Distributed Denial of Service Attack A software attack in which an attacker hijacks or manipulates multiple computers (through the use of zombies or drones) on disparate networks to carry out a DoS attack.
Distributed File System A software-based distributed hierarchical storage implementation that is built into Windows Server 2003, Windows Server 2008 R2, and other Windows server software.
Distribution System A wired connection between a BSS and a premise-wide network that enables mobility on devices.
Diversion Theft When a thief attempts to take responsibility for a shipment by diverting the delivery to a nearby location.
Diversity of Defense Layers of security should be implemented using dissimilar methods and vendors. Layers should be so dissimilar that if one layer is penetrated, the next layer cannot be penetrated using the same method
DNS Blacklists Published lists that contain email addresses that ace confirmed as spam sources.
DNS Domain A specific branch of the DNS name space. Top-level DNS domains include .com, .gov, and .edu.
DNS Poisoning The modification of name resolution information that should be in a DNS server’s cache.
DNS Resolver Cache A cache used by Windows DNS clients to keep track of DNS information.
DNS Root Servers The highest in the hierarchy of DNS servers running the Internet.
DNS Server A system that runs a special DNS server program.
DNS Tree A hierarchy of DNS domains and individual computer names organized into a tree-like structure, the top of which is the root.
DNS Zone Transfer One of the many mechanisms available for administrators to replicate DNS databases across a set of DNS servers
Document A medium and the data recorded on it for human use; for example, a report sheet or book. By extension, any record that has permanence and that can be read by a human or a machine.
Documentation A collection of organized documents or the information recorded in documents. Also, instructional material specifying the inputs, operations, and outputs of a computer program or system.
Domain A term used to describe a grouping of users, computers, and/or networks. For the Internet, a group of computers that shares a common element in their DNS hierarchical name.
Domain Controller A Microsoft Windows Server system specifically configured to store user and server account information for its domain
Domain Information Groper Command-line tool in non-Windows systems used to diagnose DNS problems.
Domain Name A unique name that identifies a website on the Internet A period is used to separate the labels of domain names.
Domain Name Kiting The process of deleting a domain name during the five-day grace period (known as the add grace period or AGP) and immediately reregistering it for another five-day period to keep a domain name indefinitely and for free.
Domain Name System A TCP/IP name resolution system that resolves host names to IP addresses.
Domain Users and Groups Users and groups that are defined across an entire network domain.
Door Access Controls Methodology to grant permission or to deny passage through a doorway. The method may be computer-controlled, human-controlled, token-oriented, or many other means.
Dotted Decimal Notation Shorthand method for discussing and configuring binary IP addresses.
Download The transfer of information from a remote computer system to the user's system
Drain The connection point between a shield and the ground.
Drive Mirroring The process of writing identical data to two hard drives on the same controller at the same time to provide data redundancy.
Drone Unauthorized software introduced on multiple computers to manipulate the computers into mounting a DDoS attack. Also called a zombie.
DS0 The digital signal rate created by converting analog sound into 8-bit chunks 8000 times a second, with a data stream of 64 Kbps. This is the simplest data stream (and the slowest rate) of the digital part of the phone system.
DSL Access Multiplexer A device located in a telephone company's central office that connects multiple customers to the Internet.
DSL Modem A device that enables customers to connect to the Internet using a DSL connection. More like an ISDN terminal adapter
Dumpster Diving When a person literally scavenges for private information in garbage and recycling containers.
Duplexing Data is written to and read from two physical drives for fault tolerance. In addition, separate controllers are used for each drive, for both additional fault tolerance and additional speed
Dynamic Addressing A way for a computer to receive IP information automatically from a server program
Dynamic ARP Inspection Cisco process that updates a database of trusted systems. Watches for false or suspicious ARPs and ignores them to prevent ARP cache poisoning and other malevolent efforts.
Dynamic DNS A protocol that enables DNS servers to get automatic updates of IP addresses of computers in their forward lookup zones, mainly by talking to the local DHCP server.
Dynamic Host Configuration Protocol A network service that provides automatic assignment of IP addresses and other TCP /IP configuration information.
Dynamic Link Library A file of executable functions or data that can be used by a Windows application. Typically provides one or more particular functions, and a program accesses the functions by creating links
Dynamic NAT Type of NAT in which many computers can share a pool of routable IP addresses that number fewer than the computers.
Dynamic Port Numbers Port numbers 49152-65535, recommended by the IANA to be used as ephemeral port numbers.
Dynamic Routing Process by which routers in an internetwork automatically exchange information with other routers
Dynamic Routing Protocol A protocol that supports the building of automatic routing tables, such as OSPF or RIP.
E1 The European counterpart of a T1 connection that carries 32 channels at 64 Kbps for a total of 2.048 Mbps—making it slightly faster than a T1.
E3 The European counterpart of a T3 line that carries 16 E1 lines (512 channels), for a total bandwidth of 34.368 Mbps—making it a little bit slower than an American T3.
Easter Egg A platonic extra added to an OS or application as a sort of joke; the harmless cousin of the logic bomb.
Eavesdropping When a person uses direct observation to “listen” in to a conversation.
Eavesdropping Attack A network attack that uses special monitoring software to gain access to private communications on the network wire or across a wireless network. Also known as a sniffing attack.
Edge A hardware device that has been optimized to perform a task in coordination with other edge devices and controllers.
Edge Router Router that connects one Autonomous System (AS) to another.
Edge System A system on a Frame Relay network that efficiently manages traffic between a user and the backbone network.
Effective Permissions The permissions of all groups combined in any network operating system.
electrical noise Unwanted signals that are introduced into network media. Interferes with the proper reception of transmitted signals.
Electrically Erasable Programmable Read–Only Memory Nonvolatile computer memory that can be electrically erased and rewritten repeatedly.
Electromagnetic Interference Interference from one device to another, resulting in poor performance in the device's capabilities
Electronic Discovery The process of requesting and providing electronic and stored data and evidence in a legal way.
Electronic Industries Alliance A trade association accredited by ANSI to develop and jointly issue standards for telecommunications and electronics.
Electronic Mail Messages, usually text, sent from one person to another via computer. Can also be sent automatically to a large number of addresses, known as a mailing list.
Electronic Serial Number Unique identification number embedded by manufacturers on a microchip in wireless phones
Electrostatic Discharge The movement of electrons from one body to another. A real menace to PCs because it can cause permanent damage to semiconductors.
Elliptic Curve Diffie-Hellman Exchange Anonymous key agreement protocol that allows two parties, each having an elliptic curve public–private key pair, to establish a shared secret over an insecure channel
Elliptic Curve Digital Signature Algorithm Cryptographic algorithm used by Bitcoin to ensure that funds can only be spent by their rightful owners
Elliptic Key Cryptography A type of public key cryptography based on the structure of an elliptic curve.
E-mail Alert Notification sent by e-mail as a result of an event. A typical use is a notification sent from an SNMP manager as a result of an out of tolerance condition in an SNMP managed device.
E-mail Client Program that runs on a computer and enables a user to send, receive, and organize e-mail.
E–Mail Hoaxes E–mail messages containing false information for the sole purpose of having readers forward the message to others.
E-mail Server Also known as mail server, a server that accepts incoming e-mail, sorts the e-mail for recipients into mailboxes, and sends e-mail to other servers using SMTP.
Emulator Software or hardware that converts the commands to and from the host machine to an entirely different platform. For example, a program that enables you to run Nintendo games on your PC.
Encapsulating Protocol This term includes both the tunneling protocol (PPTP,L2TP) and the encrypting protocol (IPSec,Secure Shell [SSH]) that is wrapped around the original data
Encapsulating Security Payload Ensures the integrity of the data and also the authenticity of the data’s origin
Encapsulating Security Payload Protocol A protocol that IPSec uses to provide data integrity as well as data confidentiality (encryption) using one of the two encryption algorithms, DES or 3DES.
Encapsulation The process of putting the packets from one protocol inside the packets of another protocol. An example of this is placing TCP/IP packets inside Ethernet frames.
Enciphering The process of applying a cipher.
Encoding Also known as digital signal modulation.
Encrypting File System A file-encryption tool available on Windows systems that have partitions formatted with NTFS.
Encryption A security technique that converts data from plain, or cleartext form, into coded, or ciphertext form so that only authorized parties with the necessary decryption information can decode and read the data.
Encryption Algorithm The rule, system, or mechanism used to encrypt data.
Encryption Devices A device that provides encryption, decryption, and access control using an HSM.
Endpoint A network node that is the source or destination for data transfer. In the TCP/IP world, the session information stored in RAM
Endpoints Correct term to use when discussing the data each computer stores about the connection between two computers' TCP/IP applications
End-to-End Principle Early network concept that originally meant that applications and work should happen only at the endpoints in a network, such as in a single client and a single server.
Enhanced Interior Gateway Routing Protocol Cisco's proprietary hybrid protocol that has elements of both distance vector and link state routing.
Enterprise Network A network that includes elements of both local and wide area networks and is owned and operated by a single organization to interlink its computers and resources.
Enterprise Resource Planning Process by which a company (often a manufacturer) manages and integrates the important parts of its business
Environment Limitations With respect to building and upgrading networks, refers to the degree of access to facilities and physical access to physical infrastructure
Environment Monitor A hardware tool that ensures that environmental conditions do not spike or plummet temperature above or below equipment specifications.
Environmental Monitor Device used in telecommunications rooms that keeps track of humidity, temperature, and more.
Ephemeral Port In TCP/IP communication, an arbitrary number generated by a sending computer that the receiving computer uses as a destination address when sending a return packet.
Equipment Limitations With respect to installing and upgrading networks, the degree of usage of any existing equipment, applications, or cabling.
Equipment Rack A metal structure used in equipment rooms to secure network hardware devices and patch panels. Most are 19" wide
Error Detection The process of determining if transmitted data has been received correctly and completely.
Error Detection and Correction The process of determining if transmitted data has been received correctly and completely, and if not, rebuilding the data to its correct form.
Error Detection Code The bits that are attached to transmitted data to indicate its original contents.
Ethernet A set of networking technologies and media access methods specified for LANs.
Ethernet frame A data packet that has been encoded on the Data Link layer for transmission from one node to another on an Ethernet network.
Ethernet Over Power The IEEE 1901 standard, also known as Home Plug HD-PLC, provides high-speed home networking through the building's existing power infrastructure.
Ethical Hacker An expert at breaking into systems and can attack systems on behalf of the system’s owner and with the owner’s consent.
Event An occurrence within a software system that is communicated to users or other programs outside the operating system.
Evil Twin An attack that lures people into logging into a rogue access point that looks similar to a legitimate access point.
Evolved High-Speed Packet Access The final wireless 3G data standard, transferring theoretical maximum speeds up to 168 Mbps, although real-world implementations rarely passed 10 Mbps.
Executable Viruses Viruses that are literally extensions of executables and that are unable to exist by themselves. Once the file is run, the virus loads into memory, adding copies of itself to other EXEs that are subsequently run.
Exit Plan Documents and diagrams that identify the best way out of a building in the event of an emergency. It may also define other procedures to follow.
Explicit Allow When an administrator sets a rule that allows a specific type of traffic through a firewall, often within an ACL.
Explicit Deny When an administrator sets a rule that denies a specific type of traffic access through a firewall, often within an ACL.
Exploit To take advantage of a vulnerability.
Extended Service Set A single wireless access point servicing a given area that has been extended by adding more access points.
Extended Service Set Identifier An SSID applied to an Extended Service Set as a network naming convention.
Extended Unique Identifier, 48-bit The IEEE term for the 48-bit MAC address assigned to a network interface. The first 24 bits are assigned by the IEEE as the organizationally unique identifier (OUI).
Extended Unique Identifier, 64-bit The last 64 bits of the IPv6 address, which are determined based on a calculation based on a device's 48-bit MAC address.
Extensible Authentication Protocol A protocol that enables systems to use hardware-based identifiers, such as fingerprint scanners or smart card readers, for authentication.
Extensible Authentication Protocol over IP Makes initial authentication over IP less complicated, but it must be strongly protected by an outside mechanism such as IPSEC AH and ESP.
Extensible Authentication Protocol over LAN EAP over LAN as used in 802.1X implementations.
Extensible Authentication Protocol with Transport Layer Security A protocol that defines the use of a RADIUS server as well as mutual authentication, requiring certificates on both the server and every client.
Extensible Authentication Protocol with Tunneled Transport Layer Security A protocol similar to EAP-TLS but only uses a single server-side certificate.
Extensible Markup Language Markup language that defines a set of rules for encoding documents in a format that is both human-readable and machine-readable
Exterior Gateway Protocol The protocol responsible for exchanging routing information between two neighboring gateways.
Exterior Router Any router entirely outside an AS.
External Connections A network's connections to the wider Internet. Also a major concern when setting up a SOHO network.
External Data Bus The primary data highway of all computers. Everything in your computer is tied either directly or indirectly to it
External Firewall The firewall that sits between the perimeter network and the Internet and is responsible for bearing the brunt of the attacks from the Internet.
External Network Address A number added to the MAC address of every computer on an IPX/SPX network that defines every computer on the network; this is often referred to as a network number.
External Threats Threats to your network through external means; examples include virus attacks and the exploitation of users, security holes in the OS, or weaknesses of the network hardware itself.
Extranet A private network that grants controlled access to users outside of the network.
F connector A screw-on connector used to terminate small-diameter coaxial cable such as RG-6 and RG-59 cables.
Face Contact A connector used in industrial settings that has a heavy duty ferrule in the center for more mechanical stability than SMA or ST connectors.
Fail Close Defines the condition of doors and locks in the event of an emergency, indicating that the doors should close and lock.
Fail Open Defines the condition of doors and locks in the event of an emergency, indicating that the doors should be open and unlocked.
Failopen Mode When a switch broadcasts data on all ports the way a hub does.
Failover Clusters Also known as high-availability clusters, these are designed so that a secondary server can take over in the case that the primary one fails, with limited or no downtime.
Fall-back Plan An alternate network reconstruction design that can be implemented temporarily to enable critical network elements to function.
False Negative When a system denies a user who actually should be allowed access to the system. For example, when an IDS/IPS fails to block an attack, thinking it is legitimate traffic.
False Positive When a system authenticates a user who should not be allowed access to the system. For example, when an IDS/IPS blocks legitimate traffic from passing on to the network.
False Positives Alarms that are raised when there is no actual abnormal behavior.
False Rejection When a biometric system fails to recognize an authorized person and doesn’t allow that person access.
False Rejection Rate Measure of the likelihood that the biometric security system will incorrectly reject an access attempt by an authorized user
Faraday Cage An enclosure formed by conducting material or by a mesh of such material; it blocks out external static electric fields and can stop emanations from cell phones and other devices within the cage from leaking out.
Far-End Crosstalk Crosstalk on the opposite end of a cable from the signal's source.
Fast Ethernet Nickname for the 100-Mbps Ethernet standards. Originally applied to 100BaseT.
Fateway A device, software, or a system that converts data between incompatible systems.
Fault Tolerance The ability of a network or system to withstand a foreseeable component failure and still continue to provide an acceptable level of service.
Federal Communications Commission In the United States, regulates public airwaves and rates PCs and other equipment according to the amount of radiation emitted.
Fiber Distributed Data Interface Older technology fiber optic network used in campus-sized installations. It transfers data at 100Mbps and uses a token bus network protocol over a ring topology.
Fiber Optic Cable A high-speed physical medium for transmitting data that uses light rather than electricity to transmit data and is made of high-purity glass fibers sealed within a flexible opaque tube. Much faster than conventional copper wire.
Fibre Channel A self-contained, high-speed storage environment with its own storage arrays, cables, protocols, cables, and switches. Critical part of storage addressed networking (SAN).
File Allocation Table A table on a hard disk maintained by the operating system that provides a map of clusters that files have been stored in.
File Infector Virus A virus that infects program executable files with an .EXE or .COM file extension.
File Server A computer designated to store software, courseware, administrative tools, and other data on a local or wide area network (WAN). It "serves" this information to other computers via the network when users enter their personal access codes.
File system Access Control List List of user permissions for a file, folder, or other object
File Transfer Protocol A TCP / IP protocol that allows the transfer of files between a user's workstation and a remote host.
Fire Ratings Ratings developed by Underwriters Laboratories (UL) and the National Electrical Code (NEC) to define the risk of network cables burning and creating noxious fumes and smoke.
Fire Suppression The process of controlling and/or extinguishing fires to protect people and an organization’s data and equipment.
firewall A software program or a hardware device or a combination of both that protects a system or network from unauthorized data by blocking unsolicited traffic.
FireWire An IEEE 1394 standard to send wide-band signals over a thin connector system that plugs into TVs, VCRs, TV cameras, PCs, and so forth. This serial bus enables connection of 60 devices at speeds ranging from 100 to 800 Mbps.
First Responder The first person or team to respond to an accident, damage site, or natural disaster in an IT company.
First–Party Cookie A cookie that is created from the web site that a user is currently viewing.
Fixed Length Window A type of data window in which each block of packets is of the same size. Typically are small to avoid flooding the buffers of less-powerful receivers.
Flash Memory A type of nonvolatile computer memory that can be electrically erased and rewritten repeatedly.
Flashing The process for rewriting the contents of the BIOS.
Flat Name Space A naming convention that gives each device only one name that must be unique
Flat-surface Connector Early fiber-optic connector that resulted in a small gap between fiber-optic junctions due to the flat grind faces of the fibers. It was replaced by Angled Physical Contact (APC) connectors.
Flooding A network transmission state in which data arrives at a receiving node too quickly to be processed.
Flow A stream of packets from one specific place to another.
Flow Cache Stores sets of flows for interpretation and analysis
Flow Control A class of technique for optimizing the exchange of data between systems.
Forensics Report A document that describes the details of gathering, securing, transporting, and investigating evidence.
Fork Bomb An attack that works by creating a large number of processes quickly to saturate the available processing space in the computer’s operating system. It is a type of wabbit.
Forward Confirmed reverse DNS Verifies that an email's originating IP address matches the fqdn used in the email's "from address" by doing a reverse DNS lookup on the IP, a nslookup on the fqdn, and then comparing.
Forward Lookup Zone The storage area in a DNS server to store the IP addresses and names of systems for a particular domain or domains.
Forward Proxy Server Server that acts as middleman between clients and servers, making requests to network servers on behalf of clients. Results are sent to it, which then passes them to the original client.
Fractional T1 Access A service provided by many telephone companies wherein customers can purchase a number of individual channels in a T1 line in order to save money.
Fraggle A type of DoS similar to the Smurf attack, but the traffic sent is UDP echo traffic as opposed to ICMP echo traffic.
Frame A defined series of binary data that is the basic container for a discrete amount of data moving across a network. Created at Layer 2 of the OSI model.
Frame Check Sequence A sequence of bits placed in a frame that is used to check the primary data for errors.
Frame Relay An extremely efficient data transmission technique used to send digital information such as voice, data, LAN, and WAN traffic quickly and cost-efficiently to many destinations from one port.
Free RADIUS Free RADIUS server software for UNIX/Linux systems.
Freeware Software that is distributed for free with no license fee.
Frequency The number of complete cycles per second in a wave. Also, called the period of the wave.
Frequency Division Multiplexing A multiplexing method in which data from multiple nodes is sent over multiple frequencies or channels, over a network medium.
Frequency Hopping Spread Spectrum A type of radio transmission in which a signal is sent on one channel at a time, and at predetermined fixed intervals, the channel changes.
FTP bounce attack An attack that targets the FTP vulnerability to permit connected clients to open other connections on any port on the FTP server.
FUBAR Fouled Up Beyond All Recognition.
Full Backup Type of backup where all the contents of a folder are backed up.
Full Disk Encryption Encryption of all data on a disk drive, including the program that encrypts the bootable OS partition
Full Duplex A feature of NIC that allows multiple devices to send and receive data simultaneously without data collision.
Fully Meshed Topology A mesh network where every node is directly connected to every other node.
Fully Qualified Domain Name The complete DNS name of a system, from its host name to the top-level domain name. The host name combined with the host's domain name.
Fuzz Testing When random data is inputted into a computer program in an attempt to find vulnerabilities
Gain The strengthening and focusing of radio frequency output from a wireless access point (WAP). An increase in the amplitude of a radio wave.
Galois Counter Mode Mode of operation for symmetric key cryptographic block ciphers that has been widely adopted because of its efficiency and performance
Gateway Router A router that acts as a default gateway in a TCP/IP network.
General Logs Logs that record updates to applications.
Generic Routing Encapsulation An IP Prototcol, which can encapsulate, encapsulate IPSEC tunnels, or be encrypted by IPSEC
Geometric Variance Spam that uses "speckling" and different colors so that no two spam e–mails appear to be the same.
Get (SNMP) A query from an SNMP manager sent to the agent of a managed device for the status of a management information base (MIB) object.
Gif Layering Spam that is divided into multiple images but still creates a legible message.
Giga The prefix that generally refers to the quantity 1,073,741,824. With frequencies, in contrast, often refers to one billion
Gigabit Ethernet An Ethernet technology that can transmit data at speeds of 1000 Mbps and primarily uses optical fibers for transmission.
Gigabit Interface Converter A transceiver used to convert electrical signals into optical signals and vice versa.
Gigabyte 1024 megabytes.
Global Positioning System A navigational system that consists of a network of satellites with 24 active satellites and 3 in standby mode.
Global Unicast Address A second IPv6 address that every system needs in order to get on the Internet.
GNU Privacy Guard Free software replacement for Symantec's PGP cryptographic software suite
Gramm–Leach–Bliley Act A US federal act that requires private data to be protected by banks and other financial institutions.
Grandfather, Father, Son A tape rotation strategy used in data backups.
Graphic Processing Unit Programmable logic chip (processor) specialized for display functions. Renders images, animations and video for the computer's screen
Graphics Interchange Format A graphic interchange format primarily used on the Internet.
Graphing Type of software that creates visual representations and graphs of data collected by SNMP managers.
Grayware A general term used to describe applications that are behaving improperly but without serious consequences; often describes types of spyware.
Greenfield Mode One of three modes used with 802.11n wireless networks wherein everything is running at higher speed.
Ground Loop A voltage differential that exists between two different grounding points.
Grounding Connection of a shield or conductor to an electrical ground point, such as a pipe or wire that is in contact with the ground.
Group Policy A feature of Windows Active Directory that allows an administrator to apply policy settings to network users en masse.
Group Policy Object Enables network administrators to define multiple rights and permissions to entire sets of users all at one time.
Groups Collections of network users who share similar tasks and need similar permissions; defined to make administration tasks easier.
Guessing A human-based attack where the goal is to guess a password or PIN through brute force means or by using deduction.
Guessing Attack A type of password attack that involves and individual making repeated attempts to guess a password by entering different common password values, such as the user's name, a spouse's name, or a significant date.
Guest In terms of virtualization, an operating system running as a virtual machine inside a hypervisor.
Guest Network A network that can contain or allow access to any resource that management deems acceptable to be used by insecure hosts that attach to the guest network.
Guest System A foreign virtual operating system.
Guideline A suggestion for meeting the policy standard or best practices on a network policy.
H.320 A standard that uses multiple ISDN channels to transport video teleconferencing (VTC) over a network.
H.323 A VoIP standard that handles the initiation, setup, and delivery of VoIP sessions.
Hacker A user who excels at programming or managing and configuring computer systems, and has the skills to gain access to computer systems through unauthorized or unapproved means.
Half-Duplex Any device that can only send or receive data at any given moment.
Hard Disk Drive Data storage device that uses magnetic storage to store and retrieve digital information using one or more rigid rapidly rotating disks (platters) coated with magnetic material
Hardening Applying security hardware, software, and processes to your network to prevent bad things from happening.
Hardware Appliance Physical network device, typically a "box" that implements and runs software or firmware to perform one or a multitude of tasks. Could be a firewall, a switch, a router, a print server, or one of many other devices.
Hardware Loopback Plug A special connector used for diagnosing transmission problems that redirects electrical signals back to the transmitting system.
Hardware Security Module A cryptographic module that can generate cryptographic keys.
Hardware Tools Tools such as cable testers, TDRs, OTDRs, certifiers, voltage event recorders, protocol analyzers, cable strippers, multimeters, tone probes/generators, butt sets, and punchdown tools used to configure and troubleshoot a network.
Hash A mathematical function used in cryptography that is run on a string of binary digits of any length that results in a value of some fixed length.
Hash Function A mathematical procedure that converts a variable-sized amount of data into a smaller block of data.
Hashed Message Authentication Code Specific type of message authentication code (MAC) involving a cryptographic hash function and a secret cryptographic key
Hashing Encryption One-way encryption that transforms cleartext into a coded form that is never decrypted.
HDMI Ethernet Channel Ethernet-enabled HDMI ports that combine video, audio, and data on a single cable.
Health Insurance Portability And Accountability Act A US federal act that requires health care nenterprises to guard protected health information.
Heating, Ventilating, and Air Conditioning A type of climate control system often found in large commercial or industrial buildings.
Hertz A measure of the number of cycles per second in an analog signal
Hexadecimal A numbering system of 16 (computer shorthand for binary numbers), using 10 digits and 6 letters to condense 0s and 1s to binary numbers
Hierarchical Name Space A naming scheme where the full name of each object includes its position within the hierarchy
High Availability A rating that expresses how closely systems approach the goal of providing data availability 100 percent of the time.
High Bandwidth Application A software application or program that requires large amounts of network bandwidth for data transmission.
High-Speed WAN Internet Cards A type of router expansion card that enables connection to two different ISPs.
History Logs Logs that track the history of how a user or users access network resources, or how network resources are accessed throughout the network.
HMAC-based One Time Password Algorithm relying on two basic things: a shared secret and a moving factor (a.k.a counter)
Hoax Any type of incorrect or misleading information that is disseminated to multiple users through unofficial channels.
Home Page Either the Web page that your browser is set to use when it starts up or the main Web page for a business, organization, or person. Also, the main page in any collection of Web pages.
Honeynet An entire dummy network used to lure attackers.
Honeypot An area of a network that an administrator sets up for the express purpose of attracting a computer hacker. If a hacker takes the bait, the network's important resources are unharmed and network personnel can analyze the attack
Hop The action of forwarding a packet from one router to the next.
Hop Count An older metric used by RIP routers. The number of routers that a packet must cross to get from a router to a given network
Horizontal Cabling Cabling that connects the equipment room to the work areas.
Horizontal cross-connect A wiring closet where the horizontal cabling connects to a patch panel that is attached to the main facility by a backbone cable.
Host A single device (usually a computer) on a TCP/ IP network that has an IP address; any device that can be the source or destination of a data packet. Also, a computer running multiple virtualized operating systems.
Host Computer A powerful, centralized computer system that performs data storage and processing tasks on behalf of clients and other network devices.
Host ID The portion of an IP address that defines a specific machine in a subnet.
Host Intrusion Detection Systems Software that attempts to monitor and possibly prevent attempts to intrude into a system and network resources.
Host Name An individual computer name in the DNS naming convention.
Host System The native operating system to the hardware
Host-Based Anti-Malware Anti-malware software that is installed on individual systems, as opposed to the network at large.
Host-Based Firewall A software firewall installed on a "host" that provides firewall services for just that machine, such as Windows Firewall.
Host-based IDS An IDS system that primarily uses software installed on a specific host such as a web server.
Host-based IPS An Intrusion Prevention System that resides on a computer and uses a specific IP address. It detects and prevents the actions malicious code attempts to modify the system.
Hostname Command-line tool that returns the host name of the computer it is run on.
HOSTS file A plaintext file configured on a client machine containing a list of IP addresses and their associated host names, which can be used for host name resolution as an alternative to DNS.
Host-to-Host Type of VPN connection in which a single host establishes a link with a remote, single host.
Host-to-Site Type of VPN connection where a host logs into a remote network as if it were any other local resource of that network.
Hot and Cold Aisles The aisles in a server room or data center that circulate cold air into the systems and hot air out of them. Usually, the systems and cabinets are supported by a raised floor.
Hot Site A complete backup facility to continue business operations. It has all resources in place, including computers, network infrastructure, and current backups, so that operations can commence within hours after occupation.
Hot Spare A fully configured and operational piece of backup equipment that can be swapped into a system with little to no interruption in functionality.
Hot Standby Router Protocol Cisco proprietary redundancy protocol for establishing a fault-tolerant default gateway
Hotfix A patch that is often issued on an emergency basis to address a specific security flaw.
Hotspot A wireless access point that is connected to a cellular data network, typically WiMAX, 3G, or 4G. The device can route Wi-Fi to and from the Internet
HTTP Proxy Caches web pages from servers on the Internet for a set amount of time.
Hub A networking device used to connect the drops in a physical star topology network into a logical bus topology.
Human Machine Interface In a distributed control system (DCS), a computer or set of controls that exists between a controller and a human operator
Hybrid Cloud A conglomeration of public and private cloud resources, connected to achieve some target result. There is no clear line that defines how much of it is private and how much is public.
Hybrid Password Attack An attack that utilizes multiple attack vectors including dictionary, rainbow table, and brute force attack methodologies when trying to crack a password.
Hybrid Topology Any topology that exhibits the characteristics of more than one standard network topology.
Hypertext A document that has been marked up to enable a user to select words or pictures within the document, click them, and connect to further information. The basis of the World Wide Web.
Hypertext Markup Language An ASCII-based script-like language for creating hypertext documents like those on the World Wide Web.
Hypertext Transfer Protocol A network protocol that works on the Application layer of the OSI and TCP /IP models and enables clients to connect to and retrieve web pages from a server to interact with websites.
Hypertext Transfer Protocol over SSL Protocol to transfer hypertext from a Web server to a client in a secure and encrypted fashion. SSL establishes a secure communication connection between hosts. It encrypts before sending from the Web server and decrypts it when it enters the client
Hypervisor In virtualization, a layer of programming that creates, supports, and manages virtual machine.
Identification When a person is in a state of being identified. It can also be described as something that identifies a person such as an ID card.
Identity Proofing An initial validation of an identity.
Identity Provider Provides identifiers for users looking to interact with a system and asserts to such a system that such an identifier presented by a user is known to the provider
Identity Theft Using someone's personal information, such as a SSN to establish bank or credit card accounts that are then left unpaid, leaving the victim with the debts and ruining their credit rating.
IEEE 1284 The IEEE standard for the now obsolete parallel communication.
IEEE 1394 IEEE standard for FireWire communication, used to connect up to 63 devices to form a small local network.
IEEE 1905.1 Standard that integrates Ethernet, Wi-Fi, Ethernet over power lines, and Multimedia over Coax (MoCA).
IEEE 802.1 x A standard for securing networks by implementing EAP as the authentication protocol over either a wired or wireless Ethernet LAN, rather than the more traditional implementation of EAP over PPP.
IEEE 802.11 IEEE subcommittee that defined the standards for wireless.
IEEE 802.14 IEEE subcommittee that defined the standards for cable modems.
IEEE 802.16 A wireless standard (also known as WiMAX) with a range of up to 30 miles.
IEEE 802.2 IEEE subcommittee that defined the standards for Logical Link Control (LLC).
IEEE 802.3 IEEE subcommittee that defined the standards for CSMA/CD (a.k.a. Ethernet).
ifconfig A command-line utility for Linux servers and workstations that displays the current TCP/IP configuration of the machine, similar to ipconfig for Windows systems
Image Spam Spam that uses graphical images of text to circumvent text–based spam filters.
Impedance The amount of resistance to an electrical signal on a wire. It is used as a relative measure of the amount of data a cable can handle.
Impersonation A type of spoofing in which an attacker pretends to be someone they are not, typically an average user in distress, or a help desk representative.
Implicit Deny The blocking of access to any entity that has not been specifically granted access.
In Phase Refers to two waves of the same frequency that begin at the same time.
In-Band Management Technology that enables managed devices such as a switch or router to be managed by any authorized host that is connected to that network.
Inbound Traffic Packets coming in from outside the network.
Incident Management Practices and procedures that govern how an organization will respond to an incident in progress.
Incident Response Reaction to any negative situations that take place within an organization that can be stopped, contained, and remediated without outside resources. Includes the creation of documents to specify facilities, equipment, resources, personnel, and their roles
Incident Response Policy The security policy that determines the actions that an organization will take following a confirmed or potential security breach.
Incremental Backup Backs up all files that have their archive bits turned on, meaning they have been changed since the last backup. This type of backup turns the archive bits off after the files have been backed up.
Independent Basic Service Set A peer-to-peer network where each wireless station acts as both a client and a wireless AP.
Independent Computing Architecture A remote terminal protocol used by CitrixMetaFrame and MetaFrame XP software as add-ons to Microsoft Terminal Services.
Indirect attack A method of breaking a cryptographic or other system by attacking the implementation of the system/algorithm rather than the system itself
Industrial Control Server A centralized controller where the local controllers of a distributed control system (DCS) meet in order for global changes to be made.
Information Assurance The practice of managing information–related risks by ensuring CONFIDENTIALITY, INTEGRITY, AUTHENTICITY, AVAILABILITY, AND NON–REPUDIATION. IA is the process of insuring that AUTHORIZED USERS have access to AUTHORIZED INFORMATION at the AUTHORIZED TIME.
Information Lifecycle Management A set of strategies for administering, maintaining, and managing computer storage systems to retain data.
Information Security Protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, and destruction. Protection = Prevention + Detection + Response
Information Systems Security Officer Senior-level executive responsible for developing and implementing an information security program, which includes procedures and policies designed to protect enterprise communications, systems and assets from both internal and external threats
Information Technology The business of computers, electronic communications, and electronic commerce.
Infrared Transmission A form of wireless transmission over unbounded media in which signals are sent as pulses of infrared light.
Infrastructure as a Service A method that provides network resources such as for storage and allow the client can deploy software and add network components such as firewalls.
Infrastructure Mode Mode in which wireless networks use one or more wireless access points to connect the wireless network nodes centrally. This configuration is similar to the star topology of a wired network.
Inheritance A method of assigning user permissions, in which folder permissions flow downward into subfolders.
Initialization Vector A technique used in cryptography to generate random numbers to be used along with a secret key to provide data encryption.
Input Validation Verifying user input.
Instant Messaging A method of online communication like e–mail except that it is conducted instantaneously in real time.
Institute of Electrical and Electronics Engineers An organization dedicated to advancing theory and technology in electrical sciences.
Insulating Jacket The external plastic covering of a fiber-optic cable.
Integrated Services Digital Network A digital circuit switching technology that carries both voice and data.
Integrity The fundamental security goal of ensuring that electronic data is not altered or tampered with.
Integrity Primitives Evaluation Message Digest Family of cryptographic hash functions developed in Leuven, Belgium, by Hans Dobbertin, Antoon Bosselaers and Bart Preneel at the COSIC research group at the Katholieke Universiteit Leuven, and first published in 1996
Intelligent Hub A hub that polls the state of each node and grants permission to transmit in turn.
Interactive Mode This mode of the nslookup utility enables you to query name servers for information about hosts and domains, or to print a list of hosts in a domain.
Interconnection Security Agreement Agreement established between the organizations that own and operate connected IT systems to document the technical requirements of the interconnection
Inter-domain Routing Routing a packet among different autonomous systems.
Interface Identifier The second half (64 bits) of an IPv6 address.
Interface Monitor A program that tracks the bandwidth and utilization of one or more interfaces on one or more devices in order to monitor traffic on a network.
Interference Within wireless networking, the phenomenon by which radio waves from other devices interfere with the 802.11 wireless signals.
Interframe Gap A short, predefined silence originally defined for CSMA/CD; also used in CSMA/CA
Interframe Space A short, predefined silence originally defined for CSMA/CD; also used in CSMA/CA
Interior Gateway Protocol The protocol responsible for exchanging routing information between gateways within an AS.
Interior Gateway Routing Protocol A distance-vector routing protocol developed by Cisco as an improvement over RIP and RIP v2.
Interior Router A router arranged inside an AS and completely controlled by the AS administrator.
Intermediate Cross-connect An optional connection between the main cross-connect and the horizontal cross-connect.
Intermediate Distribution Frame A cable rack that interconnects the telecommunications wiring between an Main Distribution Frame and any workstation devices.
Intermediate System to Intermediate System A link-state routing protocol used within a network.
Internal Connections The connections between computers in a network.
Internal Firewall The firewall that sits between the perimeter network and the trusted network that houses all the organization's private servers and workstations.
Internal Network A private LAN, with a unique network ID, that resides behind a router.
Internal Threats All the things that a network's own users do to create problems on the network. Examples include accidental deletion of files, accidental damage to hardware devices or cabling, and abuse of rights and permissions.
International Data Encryption Algorithm Originally called Improved Proposed Encryption Standard (IPES), a symmetric-key block cipher. An optional algorithm in the OpenPGP standard.
International Organization for Standardization The largest standards-development body in the world, comprising the national standards institutes of 162 countries.
International Telecommunication Union An international organization within the United Nations that defines global technical standards for telecommunications.
Internet The single largest global WAN that virtually links every country in the world.
Internet Assigned Number Authority An international organization established in 1993 to govern the use of Internet IP addresses. ICANN is now responsible for leasing IP addresses worldwide.
Internet Authentication Service Popular RADIUS server for Microsoft environments.
Internet Connection Sharing A WAN connectivity method that connects multiple computers to the Internet by using a single Internet connection.
Internet Content Filter Applied as software at the Application Layer and can filter out various types of Internet activities such as websites accessed, e-mail, instant messaging, and more. It is used most often to disallow access to inappropriate web material.
Internet Control Message Protocol A protocol used with IP that attempts to report on the condition of a connection between two nodes.
Internet Corporation for Assigned Names and Numbers A non-profit corporation that assigns unique identifications on the Internet, such as domain names, IP addresses, and extension names.
Internet Engineering Task Force The primary standards organization for the Internet.
Internet Group Management Protocol A protocol in the TCP /IP suite that supports multicasting in a routed environment.
Internet Information Services Microsoft's Web server program for managing Web servers.
Internet Key Exchange A protocol used by IPSec to create a master key, which in turn is used to generate bulk encryption keys for encrypting data.
Internet Message Access Protocol A protocol used for retrieving email messages and folders from a mail server.
Internet of Things The idea that everyday objects could be capable of communicating with each other. Although this is certainly true to an extent now, the future of this technology has much greater implications.
Internet Protocol The core routing and addressing technology that makes up the modern Internet.
Internet Protocol Security A set of open, non-proprietary standards that you can use to secure data as it travels across the network or the Internet through data authentication and encryption.
Internet Protocol Version 4 Protocol in which addresses consist of four sets of numbers, each number being a value between 0 and 255, using a period to separate the numbers (often called dotted decimal format).
Internet Protocol Version 6 Protocol in which addresses consist of eight sets of four hexadecimal numbers, each number being a value between 0000 and FFFF, using a colon to separate the numbers
Internet Relay Chat An online group discussion. Also called chat.
Internet Service Provider An institution that provides access to the Internet in some form, usually for a fee.
Internet Small Computer System Interface A protocol that enables the SCSI command set to be transported over a TCP/IP network from a client to an iSCSI based storage system. Popular with storage area network (SAN) systems.
Internet Society A non-profit organization that oversees standards and practices for the Internet.
InterVLAN Routing A feature on some switches to provide routing between VLANs.
Intra-domain Routing Routing a packet within an autonomous system.
Intranet A private TCP/IP network inside a company or organization.
Intra-Site Automatic Tunnel Addressing Protocol An IPv6 tunneling protocol that adds the IPv4 address to an IPv6 prefix.
Intrusion Detection A process of monitoring the events occurring on a computer or a network, and analyzing them to detect possible incidents, which are violations or imminent threats of violation of computer security policies, and standard security practices.
Intrusion Detection System A software and/ or hardware system that scans, audits, and monitors the security infrastructure for signs of attacks in progress.
Intrusion Prevention System An active, inline security device that monitors suspicious network and/ or system traffic and reacts in real time to block it.
IP Address The numeric address of a computer connected to a TCP/IP network, such as the Internet
IP Addressing The processes of assigning IP addresses to networks and hosts.
IP Camera Still-frame or video camera with a network interface and TCP/IP transport protocols to send output to a network resource or destination.
IP Filtering A method of blocking packets based on IP addresses.
IP Helper Command used in Cisco switches and routers to enable, disable, and manage internetwork forwarding of certain protocols such as DHCP, TFTP, Time Service, TACACS, DNS, NetBIOS, and others.
IP Proxy Secures a network by keeping machines behind it anonymous; it does this through the use of NAT.
IP Security Monitor A Windows tool that provides a main mode and a quick mode to verify IPSec statistics.
IP spoofing attack A type of software attack where an attacker creates IP packets with a forged source IP address and uses those packets to gain access to a remote system.
Ipconfig A command-line utility for Windows that displays the current TCP/IP configuration of the machine; similar to UNIX/Linux's ifconfig.
IPSec driver The component of IPSec that watches packets being sent and received to determine if the packets need to be signed and encrypted, based on Group Policy or local Registry settings.
IPSec policy A set of security configuration settings that define how an IPSec-enabled system will respond to IP network traffic.
IPSec Policy Agent A service that runs on each Windows computer that is used to transfer an IPSec policy agent from Active Directory or the local Registry to the IPSec driver.
IRC Internet Relay Chat An open communication protocol that is used for real–time "chatting" with other IRC users over the Internet. Also used to control zombies.
IT Contingency Plan Plan devised for an outcome other than in the usual (expected) plan. It is often used for risk management when an exceptional risk that, though unlikely, would have catastrophic consequences
iterative query A query used by the DNS server for name resolution when a client requests only the information the server already has in its cache for a particular domain name.
IV attack An attack where the attacker is able to predict or control the IV of an encryption process, thus giving the attacker access to view the encrypted data that is supposed to be hidden from everyone else except for the user or network.
Java A network-oriented programming language invented by Sun Microsystems and specifically designed for writing programs that can be safely downloaded to your computer through the Internet and immediately run without fear of harm to your computer or files
Java Applet A type of smaller java program
Javascript A scripting language that enables developers to create interactive Web sites.
Jitter The variability of latency over time across a network.
Job Rotation When users are cycled through various assignments.
Joint Photographic Experts Group A compressed graphical file format that reduces the file size.
Jumbo Frames Usually 9000 bytes long, though technically anything over 1500 bytes qualifies, these frames make large data transfer easier and more efficient than using the standard frame size.
Just a Bunch of Disks An array of hard drives that are simply connected with no RAID implementations.
K Most commonly used as the suffix for the binary quantity 1024. Can also be used as the quantity 1000
Kerberos An authentication standard designed to allow different operating systems and applications to authenticate each other.
Kerberos Time–based 5 minutes skew in Windows, 10 minutes in other applications. If the client's time is not within the permissible skew, authentication is denied
Kernel Part of the operating system that is responsible for managing the system resources.
Key A specific piece of information that is used in conjunction with an algorithm to perform encryption and decryption in cryptography.
Key Distribution Center System for granting authentication in Kerberos.
Key Encryption Key Used to encrypt what they call the Master Key, which will be used to encrypt any data that is put in the user's protected storage
Key Escrow When certificate keys are held in case third parties, such as government or other organizations, need access to encrypted communications.
Key Fob Small device that can be easily carried in a pocket or purse or attached to a key ring. This device is used to identify the person possessing it for the purpose of granting or denying access to resources such as electronic doors.
Key Hashing for Message Authentication Code Used to digitally sign packets on IPSec connections
Key Pair Name for the two keys generated in asymmetric-key algorithm systems.
Keylogger A small hardware device or a program that monitors each keystroke a user types on the computer's keyboard.
Keypad The device in which an alphanumeric code or password that is assigned to a specific individual for a particular asset can be entered.
Key-pair Encryption An encryption system in which an individual has two encryption keys: the public key that anyone can use to encode the message, and the user's private key, which is used to decode messages.
Kilobits Per Second Data transfer rate.
Kilohertz A unit of measure that equals a frequency of 1000 cycles per second.
L Universal Resource Locator Commonly informally termed a web address (a term which is not defined identically). Reference to a web resource that specifies its location on a computer network and a mechanism for retrieving it
Label Switching A switching technology that saves up on processing time of packets by routers by adding a label to each incoming data packet.
LANMAN Hash The original hash used to store Windows passwords, known as LM hash, based off the DES algorithm.
Last Mile The connection between a central office and individual users in a telephone system.
Latency A measure of a signal's delay.
Latency Sensitivity The susceptibility of a device to experience issues that affect delay within a network.
Layer A grouping of related tasks involving the transfer of information. Also, a particular level of the OSI seven-layer model, for example, Physical layer, Data Link layer, and so forth.
Layer 1 The Physical Layer. Defines hardware connections and turns binary into physical pulses (electrical or light). Repeaters and hubs operate at the Physical layer.
Layer 2 The Data Link Layer . Identifies devices on the Physical layer. MAC addresses are part of the Data Link layer. Bridges operate at the Data Link layer.
Layer 2 Switch Any device that filters and forwards frames based on the MAC addresses of the sending and receiving machines
Layer 2 Tunneling Protocol A VPN protocol developed by Cisco that can be run on almost any connection imaginable. Has no authentication or encryption, but uses IPSec for all its security needs.
Layer 3 The Network Layer. Moves packets between computers on different networks. Routers operate at the Network layer. IP and IPX operate at the Network layer.
Layer 3 Switch Also known as a router, filters and forwards data packets based on the IP addresses of the sending and receiving machines.
Layer 4 The Transport Layer. Breaks data down into manageable chunks. TCP, UDP, SPX, and NetBEUI operate at the Transport layer.
Layer 5 The Session Layer. Manages connections between machines. NetBIOS and Sockets operate at the Session layer.
Layer 6 The Presentation Layer. Can also manage data encryption, hides the differences among various types of computer systems.
Layer 7 The Application Layer. Provides tools for programs to use to access the network (and the lower layers). HTTP, FTP, SMTP, and POP3 are all examples of protocols that operate at the Application layer.
Layers of Security Multiple barriers working in conjunction help eliminate single points of failure
Least Privilege The security principle that establishes that users and software should only have the minimal level of access that is necessary for them to perform the duties required of them.
Leeching Using another person's wireless connection to the Internet without that person's permission.
Legacy Mode One of three modes used with 802.11n wireless networks where the wireless access point (WAP) sends out separate packets just for legacy devices.
Legal Hold The process of an organization preserving and organizing data in anticipation of or in reaction to a pending legal issue.
Light Emitting Diode Solid-state device that vibrates at luminous frequencies when current is applied.
Light Leakage The type of interference caused by bending a piece of fiber-optic cable past its maximum bend radius. Light bleeds through the cladding, causing signal distortion and loss.
Light Meter An optical power meter used by technicians to measure the amount of light lost through light leakage in a fiber cable.
Lights-out Management Special "computer within a computer" features built into better servers, designed to give you access to a server even when the server itself is shut off.
Lightweight Directory Access Protocol A communications protocol that defines how a client can access information, perform operations, and share directory data on a server.
Lightweight Extensible Authentication Protocol The proprietary Extensible Authentication Protocol (EAP) implementation of Cisco Systems.
Line Tester A device used by technicians to check the integrity of telephone wiring. Can be used on a twisted pair line to see if it is good, dead, or reverse wired, or if there is AC voltage on the line.
Link Aggregation Connecting multiple NICs in tandem to increase bandwidth in smaller increments
Link Aggregation Control Protocol IEEE specification of certain features and options to automate the negotiation, management, load balancing, and failure modes of aggregated ports.
Link Light An LED on NICs, hubs, and switches that lights up to show good connection between the devices.
Link Redundancy A network fault-tolerance method that provides alternative network connections that can function if a critical primary connection is interrupted.
Link Segments Segments that link other segments together but are unpopulated or have no computers directly attached to them.
Link State Type of dynamic routing protocol that announces only changes to routing tables, as opposed to entire routing tables
Link State Routing A routing method that floods routing information to all routers within a network to build and maintain a more complex network route database.
Link-Local Address The address that a computer running IPv6 gives itself after first booting. The first 64 bits of a link-local address are always FE80::/64.
Linux The popular open source operating system, derived from UNIX.
List of Requirements A list of all the things you'll need to do to set up your SOHO network, as well as the desired capabilities of the network.
Listening Port A socket that is prepared to respond to any IP packets destined for that socket's port number.
Live Migration Technology that enables a virtual machine to be moved to a different physical computer with no impact to the users.
LMHOSTS File A static text file that resides on a computer and is used to resolve NetBIOS names to IP addresses. Checked before the machine sends a name resolution request to a WINS name server
Load Balancer Stand-alone network devices that perform load balancing as their primary function.
Load Balancing The process of taking several servers and making them look like a single server, spreading processing and to supporting bandwidth needs.
Load Balancing Clusters When multiple computers are connected in an attempt to share resources such as CPU, RAM, and hard disks.
Local Refers to the computer(s), server(s), and/or LAN that a user is physically using or that is in the same room or building.
Local Area Network A self-contained network that spans a small area, such as a single building, floor, or room.
Local Connector A duplex type of Small Form Factor (SFF) fiber connector, designed to accept two fiber cables.
Local User Accounts The accounts unique to a single Windows system. Stored in the local system's registry.
Localhost The hosts file alias for the loopback address of 127.0.0.1, referring to the current machine.
Log Information about the performance of some particular aspect of a system that is stored for future reference. Also called counters in Performance Monitor or facilities in syslog.
Log Entries Information in a log that contains information related to a specific event that has occured
Log File A record of actions and events performed on an operating system.
Log File Monitor An IDS that reads log files to determine if the network is under attack
Log Management The process of providing proper security and maintenance for log files to ensure the files are organized and safe.
Logic Bomb A piece of code that sits dormant on a target computer until it is triggered by the occurrence of specific conditions, such as a specific date and time. Once the code is triggered, the code "detonates," performing whatever actionist was programmed to do.
Logical Address A programmable network address, unlike a physical address that is burned into ROM.
Logical Addressing As opposed to physical addressing, the process of assigning organized blocks of logically associated network addresses to create smaller manageable networks called subnets
logical bus topology A network topology in which all nodes receive the data transmission at the same time, regardless of the physical wiring layout of the network.
Logical Link Control The aspect of the NIC that talks to the operating system, places outbound data coming "down" from the upper layers of software into frames, and creates the FCS on each frame
Logical Network Diagram A document that shows the broadcast domains and individual IP addresses for all devices on the network. Only critical switches and routers are shown.
Logical Ring Topology A network topology in which each node receives data only from its upstream neighbor and retransmits it only to its downstream neighbor, regardless of the physical layout of the network.
Logical Star Topology A network topology in which a central device controls network access for nodes that are wired as a physical bus.
Logical State A representation of digital data in the binary form of 1 's and 0's corresponding to the different voltage levels for mathematical reasons and to describe the working of digital devices.
Logical Topology A network topology defined by signal paths as opposed to the physical layout of the cables.
Long Term Evolution Better known as 4G, a wireless data standard with theoretical download speeds of 300 Mbps and upload speeds of 75 Mbps.
Looking Glass Site Web sites that enable a technician to run various diagnostic tools from outside their network.
Loopback Address Sometimes called the localhost, a reserved IP address used for internal testing: 127.0.0.1.
Loopback Plug Network connector that connects back into itself, used to connect loopback tests.
Loopback Test A special test often included in diagnostic software that sends data out of the NIC and checks to see if it comes back.
MAC Address Filtering A method of limiting access to a wireless network based on the physical addresses of wireless NICs.
MAC Flooding An attack that sends numerous packets to a switch, each of which has a different source MAC address, in an attempt to use up the memory on the switch. If this is successful, the switch will change state to failopen mode.
MAC-48 The unique 48-bit address assigned to a network interface card. This is also known as the MAC address or the EUI 48.
Macro A specially written application macro (collection of commands) that performs the same functions as a virus. Normally autostart when the application is run and then make copies of themselves, often propagating across networks.
Macros Virus A virus written in a scripting language.
Mail Exchange A DNS record that maps a domain name to a mail exchange server list.
Mail Exchange Record An entry in the domain name system that identifies the mail server responsible for handling that domain name.
Mailbox Special holding area on an e-mail server that separates out e-mail for each user.
Main cross-connect A structured cabling connection point that connects equipment cables, backbone cables, and entrance cables.
Main Distribution Frame The room in a building that stores the demarc, telephone cross-connects, and LAN cross-connects.
Maintenance Window The time it takes to implement and thoroughly test a network change.
Malicious Code Attack A type of software attack where an attacker inserts malicious software into a user's system.
Malicious User A user who consciously attempts to access, steal, or damage resources.
Malware Any program or code (macro, script, and so on) that's designed to do something on a system or network that you don't want to have happen.
Man in the Middle A hacking attack where a person inserts him- or herself into a conversation between two others, covertly intercepting traffic thought to be only between those other people.
Managed Device Networking devices, such as routers and advanced switches, that must be configured to use.
Managed Hub Also known as an intelligent hub, this is a hub that enable you to monitor and configure its operations.
Managed Network Network that is monitored by the SNMP protocol consisting of SNMP managed devices, Management Information Base (MIB) items, and SNMP manager(s).
Management Information Base SNMP's version of a server. See Simple Network Management Protocol (SNMP).
Manchester encoding A digital transmission encoding scheme that represents the transition from positive to ground with a 0 and a negative to positive voltage transition in the middle of the bit period designates a binary 1.
Mandatory Access Control A security model in which every resource is assigned a label that defines its security level. If the user lacks that security level, they do not get access.
Man-in-the-middle Attack A form of eavesdropping where the attacker makes an independent connection between two victims and steals information to use fraudulently.
Mantrap An entryway with two successive locked doors and a small space between them providing one-way entry or exit. This is a security measure taken to prevent tailgating.
Manual Tunnel A simple point-to-point connection between two IPv6 networks. As a tunnel, it uses IPSec encryption.
Many-to-One Mapping When multiple certificates are mapped to a single recipient.
Master Boot Record An area on a hard disk drive that contains the program necessary for the computer to start up and a description of how the hard drive is organized.
Material Safety Data Sheet Document that describes the safe handling procedures for any potentially hazardous, toxic, or unsafe material.
Maximum Transmission Unit Specifies the largest size of a data unit in a communications protocol, such as Ethernet.
MD5 Hash Size 128 bits
Mean Time Between Failures Predicted elapsed time between inherent failures of a system during operation
Mean Time To Failure Length of time a device or other product is expected to last in operation
Mean Time To Recover Average time that a device will take to recover from any failure
Mechanical Transfer Registered Jack Sometimes called a Fiber Jack connector, it is a compact snap-to-lock connector used with multimode fiber.
Media Access Control A sub-layer of the Data Link layer of the OSI model that is responsible for sensing the presence of data frames on a medium and allowing the nodes to access the medium.
Media Access Control Address Unique 48-bit address assigned to each network card. IEEE assigns blocks of possible addresses to various NIC manufacturers to help ensure that each address is unique
Media Access Method A network communications mechanism that determines whether or not a particular node can transmit data on a network at a given time.
Media Converter A device that lets you interconnect different types of Ethernet cable.
Media Gateway Control Protocol A protocol that is designed to be a complete VoIP or video presentation connection and session controller
Medianet A network of far-flung routers and servers that provides sufficient bandwidth for video teleconferencing (VTC) via quality of service (QoS) and other tools.
Mega Prefix that usually stands for the binary quantity 1,048,576. Can also stand for the quantity 1,000,000
Megabyte 1,048,576 bytes.
Megahertz A unit of measure that equals a frequency of 1 million cycles per second.
Memorandum of Understanding A document that defines an agreement between two parties in situations where a legal contract is not appropriate.
Mesh Topology Topology in which each computer has a direct or indirect connection to every other computer in a network. Any node on the network can forward traffic to other nodes. Popular in cellular and many wireless networks.
Message Authentication Code Short piece of information used to authenticate a message—in other words, to confirm that the message came from the stated sender (its authenticity) and has not been changed in transit (its integrity)
Message-Digest Algorithm Version 5 Arguably the most popular hashing function.
Metamorphic Virus A virus that alters how it appears to avoid detection
Metasploit A unique tool that enables a penetration tester to use a massive library of attacks as well as tweak those attacks for unique penetrations.
Metric Relative value that defines the "cost" of using a particular route.
Metro Ethernet A metropolitan area network (MAN) based on the Ethernet standard.
Metropolitan Area Network A network that covers an area equivalent to a city or other municipality.
Microsoft Baseline Security Analyzer Microsoft-designed tool to test individual Windows-based PCs for vulnerabilities.
Microsoft Challenge Handshake Authentication Protocol Microsoft version of the Challenge-Handshake Authentication Protocol, CHAP
Microsoft Management Console A Windows tool that is used to manage IPSec policies on Windows systems.
Microsoft Point-to-Point Encryption A method of data encryption between PPP dial up connections or PPTP VPN connections.
Microwave Transmission A form of point-to-point wireless transmission over unbounded media in which signals are sent via pulses of electromagnetic energy in the microwave region of the spectrum.
Miredo An open source implementation of Teredo for Linux and some other UNIX-based systems. It is a NAT-traversal IPv6 tunneling protocol.
Mirroring Also called drive mirroring, reading and writing data at the same time to two drives for fault-tolerance purposes. Considered RAID level 1.
Mixed Mode Also called high-throughput, or 802.11a-ht/802.11g-ht, one of three modes used with 802.11n wireless networks wherein the wireless access point (WAP) sends special packets that support older standards yet can also improve the speed of those standards
Mixed Mode Network A network that incorporates elements from more than one of the three standard network models.
MME (Mesh Made Easy) A protocol used for routing in wireless networks.
Mobile Telecommunications Switching Office The link between the cellular network and the wired telephone world that controls all of the transmitters and base stations in the cellular network.
Modal Distortion A light distortion problem unique to multimode fiber-optic cable.
Model A simplified representation of a real object or process. Represent logical tasks and subtasks that are required to perform network communication.
Modulation Techniques The various multiplexing and demultiplexing technologies and protocols, both analog and digital.
Modulator A device that superimposes a high frequency carrier wave over an analog signal.
Modulator-Demodulator A device that converts both digital bit streams into analog signals and incoming analog signals back into digital signals. Most commonly used to interconnect telephone lines to computers.
Monitoring as a Service Provides the option to offload a large majority of those costs by having it run as a service as opposed to a fully invested in house tool
Monlist A query that asks the NTP server about the traffic going on between itself and peers.
Mounting Bracket Bracket that acts as a holder for a faceplate in cable installations.
MS-CHAP Microsoft's dominant variation of the CHAP protocol, uses a slightly more advanced encryption protocol.
MTU Black Hole When a router's firewall features block ICMP requests, making MTU worthless.
MTU Mismatch The situation when your network's packets are so large that they must be fragmented to fit into your ISP's packets.
Multicast Method of sending a packet in which the sending computer sends it to a group of interested computers.
Multicast Addresses A set of reserved addresses designed to go from one system to any system using one of the reserved addresses.
Multicast Transmission A transmission method in which data is sent from a server to specific nodes that are predefined as members of a multicast group.
Multifactor Authentication A form of authentication where a user must use two or more factors to prove his or her identity.
Multi-factor Authentication Any authentication scheme that requires validation of at least two of the possible authentication factors.
Multilayer Switch A switch that has functions that operates at multiple layers of the OSI seven-layer model.
Multilink PPP A communications protocol that logically joins multiple PPP connections, such as a modem connection, to aggregate the throughput of the links.
Multimeter An electronic measuring instrument that takes electronic measurements such as voltage, current, and resistance.
Multimode Type of fiber-optic cable with a large-diameter core that supports multiple modes of propagation. The large diameter simplifies connections, but has drawbacks related to distance.
Multimode Fiber A type of fiber optic cable that carries multiple light signals on a single strand.
Multiple In/Multiple Out A feature in 802.11 WAPs that enables them to make multiple simultaneous connections.
Multiplexer A device that merges information from multiple input channels to a single output channel.
Multiplexing A controlled media access method in which a central device called a multiplexer combines signals from multiple nodes and transmits the combined signal across a medium.
Multipoint Connections Connections between many nodes.
Multiprotocol Label Switching A network technology defined by a set of IETF specifications that enable Layer 3 devices, such as routers, to establish and manage network traffic.
Multipurpose Internet Mail Extensions A standard for attaching binary files, such as executables and images, to the Internet's text-based mail (24-Kbps packet size).
Multisource Agreement A document that details the interoperability of network hardware from a variety of manufacturers.
Mutual Authentication A security mechanism that requires that each party in a communication verify its identity.
MX Records Records within DNS servers that are used by SMTP servers to determine where to send mail.
My Traceroute Terminal command in Linux that dynamically displays the route a packet is taking. Similar to traceroute.
Name Resolution A method that enables one computer on the network to locate another to establish a session. Performed either via broadcast or by providing some form of name server.
Name Server A DNS record that delegates a DNS zone to use the given authoritative name servers. Also a computer whose job is to know the name of every other computer on the network.
Nanosecond A billionth of a second. Light travels a little over 11 inches in 1 ns.
NAT Translation Table Special database in a NAT router that stores destination IP addresses and ephemeral (short lived) source ports from outgoing packets and compares them against returning packets.
National Institute of Standards and Technology Measurement standards laboratory, also known as a National Metrological Institute (NMI), which is a non-regulatory agency of the United States Department of Commerce
Native VLAN The specified VLAN designation that will be assigned to all untagged frames entering a trunk port in a switch.
nbtstat A command-line utility used to check the current NetBIOS name cache on a particular machine. The utility compares NetBIOS names to their corresponding IP addresses.
Near Field Communication Short-range wireless connectivity standard (Ecma-340, ISO/IEC 18092) that uses magnetic field induction to enable communication between devices when they're touched together, or brought within a few centimeters of each other
Near-End Crosstalk Crosstalk at the same end of a cable from which the signal is being generated.
Nessus Popular and extremely comprehensive vulnerability testing tool.
NetBIOS Extended User Interface Microsoft's first networking protocol, designed to work with NetBIOS. Obsoleted due to TCP/IP. Did not support routing.
NetBIOS Name A computer name that identifies both the specific machine and the functions that machine performs. Consists of 16 characters: the first 15 are an alphanumeric name, and the 16th is a special suffix that identifies the role the machine plays.
NetBIOS over TCP/IP A Microsoft-created protocol that enabled NetBIOS naming information to be transported over TCP/IP networks. The result is that Microsoft naming services can operate on a TCP/IP network without the need for DNS services.
NetFlow The primary tool used to monitor packet flow on a network.
NetFlow Collector Component process of NetFlow that captures and saves data from a NetFlow-enabled device's cache for future NetFlow analysis.
netstat A universal command-line utility used to examine the TCP/IP connections open on a given host.
Network A collection of two or more devices interconnected by telephone lines, coaxial cables, satellite links, radio, and/or some other communication technique. Group of computers that are connected together and communicate with one another for a common purpose
Network Access Control A term that refers to collected protocols, policies, and hardware that govern access on devices to and from a network.
Network Access Policy Rules that define who can access the network, how it can be accessed, and what resources of the network can be used.
Network Access Server Systems that control the modems in a RADIUS network.
Network Acknowledgment A signal used by a communication protocol between nodes on a network to acknowledge receipt of data.
Network Address A protocol-specific identifier assigned to anode that maps to a MAC address.
Network Address Control Sets the rules by which connections to a network are governed.
Network Address Translation A means of translating a system's IP address into another IP address before sending it out to a larger network. Translates internal private IP addresses to a public IP address, enabling many systems to share a single IP address.
Network Administration Covers the support functions that are required to manage the network. It comprises functions that do not involve performing changes such as configuring and tuning or the running of the actual network.
Network Analyzer A software or hardware tool that integrates diagnostic and reporting capabilities to provide a comprehensive view of an organization's network.
Network Appliance Feature-packed network box that incorporates numerous processes such as routing, Network Address Translation (NAT), switching, intrusion detection systems, firewall, and more.
Network as a Service A method by which service providers lease resources on the network such as communication services and infrastructure.
Network Attached Storage A dedicated file server that has its own file system and typically uses hardware and software designed for serving and storing files.
Network Backbone The highest-speed transmission path that carries the majority of network data.
Network Baseline A baseline that documents the network's current performance level and provides a quantitative basis for identifying abnormal or unacceptable performance.
Network Basic Input/Output System A protocol that operates at the Session layer of the OSI seven-layer model. This protocol creates and manages connections based on the names of the computers involved.
Network Blocks Also called blocks, contiguous ranges of IP addresses that are assigned to organizations and end users by IANA.
Network Closet An equipment room that holds servers, switches, routers, and other network gear.
Network Design The process of gathering together and planning the layout for the equipment needed to create a network.
Network Diagram An illustration that shows devices on a network and how they connect.
Network File System A client/ server application that enables users to access shared files stored on different types of computers and work with those files as if they were stored locally on their own computers.
Network ID A number used in IP networks to identify the network on which a device or machine exists.
Network Interface A device by which a system accesses a network. In most cases, this is a NIC or a modem.
Network Interface Card A device that serves as an interface between the computer and the network
Network Interface Unit Another name for a demarc.
Network Intrusion Detection System A type of IDS that attempts to detect malicious network activities—for example, port scans and DoS attacks—by constantly monitoring network traffic.
Network layer Layer 3 of the OSI seven-layer model. Addresses data packets, routes the packets from a source to a destination through the network, and ensures the delivery of those packets.
Network Management Management of systems on the network using various activities, methods, procedures, and tools that relate to the operation, administration, maintenance, and provisioning of these systems.
Network Management Software Tools that enable you to describe, visualize, and configure an entire network.
Network Management Station SNMP console computer that runs the SNMP manager software.
Network Map A highly detailed illustration of a network, down to the individual computers. Will show IP addresses, ports, protocols, and more.
Network Mapping The study of physical and logical connectivity of networks.
Network Media The conduit through which signals flow, can be either bounded or unbounded.
Network Model A network design specification for how the nodes on a network interact and communicate.
Network Name A name assigned to a node to help users and technicians recognize the device.
Network News Transfer Protocol A protocol used to post and retrieve messages from newsgroups, usually from the worldwide bulletin board system called USENET.
Network Operating System Computer operating system system that is designed primarily to support workstation, personal computer, and, in some instances, older terminal that are connected on a local area network (LAN)
Network Operations Center A centralized location for techs and administrators to manage all aspects of a network.
Network Perimeter The border of a computer network, commonly secured by devices such as firewalls and NIDS/NIPS solutions.
Network Policy A formalized statement that defines network functioning and establishes expectations for users, management, and IT personnel.
Network Protocol Special software that exists in every network-capable operating system that acts to create unique identifiers for each system. It also creates a set of communication rules
Network Reconstruction Plan A network plan that provides the steps to reconstruct the network.
Network Scanner A computer program used for scanning networks to obtain user names, host names, groups, shares, and services. Also known as network enumerators.
Network Share A shared resource on a network.
Network Technology The techniques, components, and practices involved in creating and operating computer-to-computer links.
Network Termination In ISDN, a device that connects the local telephone exchange lines to the customer's telephone or data equipment
Network Termination Unit In ISDN, a device that can directly connect to ISDNaware equipment, such as phones or ISDN NICs in computers.
Network Threat Any number of things that share one essential feature: the potential to damage network data, machines, or users.
Network Time Protocol An Internet protocol that enables synchronization of computer clock times in a network of computers by exchanging time signals.
Network Topology Refers to the way that cables and other pieces of hardware connect to one another.
Network-Based Anti-Malware A single source server that holds current anti-malware software. Multiple systems can access and run the software from that server. The single site makes the software easier to update and administer than anti-malware installed on individual systems.
Network-Based Firewall Firewall, perhaps implemented in a gateway router or as a proxy server, through which all network traffic must pass inspection to be allowed or blocked.
Network-based IDS An IDS system that primarily uses passive hardware sensors to monitor traffic on a specific segment of the network.
Network-based IPS An IPS that is a host that prevents an intrusion on another host that resides on a different IP address and takes actions to prevent an intrusion.
Networking Standard A set of specifications, guidelines, or characteristics applied to network components to ensure interoperability and consistency between them.
Network-to-Network Interface A switch that is inside an ATM network.
New Technology File System Proprietary file system developed by Microsoft. Starting with Windows NT 3.1, it is the default file system of Windows NT family
New Technology LAN Manager Suite of Microsoft security protocols that provides authentication, integrity, and confidentiality to users
Newsgroup The name for a discussion group on Usenet.
Next Hop The next router a packet should go to at any given point.
NIC Teaming Connecting multiple NICs in tandem to increase bandwidth in smaller increments
Nmap A network utility designed to scan a network and create a map. Frequently used as a vulnerability scanner.
No Execute A bit setting to designate a part of memory to contain only data, not executable code.
Node Any device that can connect to the network and generate, process, or transfer data.
Noise Undesirable signals bearing no desired information and frequently capable of introducing errors into the communication process.
Nonce A random number issued by an authentication protocol that can only be used once.
Non-Disclosure Agreement Contract by which one or more parties agree not to disclose confidential information that they have shared with each other as a necessary part of doing business together
Non-Discovery Mode A setting for Bluetooth devices that effectively hides them from other Bluetooth devices.
Non-Interactive Mode This mode of the nslookup utility prints only the name and requested details for one host or domain and is useful for a single query.
Non-Persistent Agent Software that does not stay resident in client station memory. It is executed prior to login. The agent presents the security characteristics to the access control server, which then decides to allow, deny, or redirect the connection.
Non-Promiscuous Mode When a network adapter captures only the packets that are addressed to it.
Non-repudiation The security goal of ensuring that data remains associated with the party that creates it or sends a transmission.
Non-Return to Zero A variation of the on-off keying digital transmission encoding scheme.
Non-Return to Zero Inverted A variation of the on-off keying digital transmission encoding scheme.
Normal Backup A full backup of every selected file on a system. This type of backup turns off the archive bit after the backup.
NS Records Records that list the DNS servers for a Web site.
nslookup A once handy tool that advanced techs used to query the functions of DNS servers. Most public DNS servers now ignore all but the most basicof these queries
NTFS Permissions Groupings of what Microsoft calls special permissions that have names like Execute, Read, and Write, and that allow or disallow users certain access to files.
NTLDR A Windows NT/2000/XP/2003 boot file. Launched by the MBR or MFT, NTLDR looks at the BOOT.INI configuration file for any installed operating systems.
NTLM Hash Successor to the LM hash. A more advanced hash used to store Windows passwords, based off the RC4 algorithm.
NTLM2 Hash Successor to the NTLM hash. Based off the MD5 hashing algorithm.
ntpdc A command that puts the NTP server into interactive mode in order to submit queries.
Null Session When used by an attacker, a malicious connection to the Windows interprocess communications share (IPC$).
Object A group of related counters used in Windows logging utilities.
Offsite The term for a virtual computer accessed and stored remotely.
Ohm The value of electrical resistance through which one volt will maintain a current of one ampere.
Ohm Rating Electronic measurement of a cable's or an electronic component's impedance.
Omni-directional Antenna A type of antenna that radiates the signal beam out in all directions and has lower gain but a wider coverage area.
One Time Pad Considered the MOST difficult symetric (or "private key") encryption to crack. Each file uses a diffferent random number.
One-to-One Mapping When an individual certificate is mapped to a single recipient.
Online Certificate Status Protocol Internet protocol used for obtaining the revocation status of an X.509 digital certificate
On-off Keying A digital data transmission encoding scheme in which a change in voltage from one state to another within a predetermined interval is symbolized by a 1.
Open Authorization Open standard for token-based authentication and authorization on the Internet
Open License Agreement Volume licensing program for small- to mid-sized companies with fewer than 250 desktop computers
Open Mail Relay Also known as an SMTP open relay; it enables anyone on the Internet to send e-mail through an SMTP server.
Open Shortest Path First An interior gateway routing protocol developed for IP networks based on the shortest path first or link state algorithm
Open Source Applications and operating systems that offer access to their source code; this enables developers to modify applications and operating systems easily to meet their specific needs.
Open System Network A network that supports multiple communication protocol suites that different vendors develop.
Open Systems Interconnection An international standard suite of protocols defined by the International Organization for Standardization (ISO) that implements the OSI seven-layer model for network communications between computers.
Open Systems Interconnection Reference Model A network model developed by ISO for communication through open system networks.
Open Vulnerability Assessment Language A standard and a programming language designed to standardize the transfer of secure public information across networks and the Internet utilizing any security tools and services available
OpenSSH A series of secure programs developed by the OpenBSD organization to fix SSH's limitation of only being able to handle one session per tunnel.
Operating System The set of programming that enables a program to interact with the computer and provides an interface between the PC and the user. Examples are Microsoft Windows 10, Apple Mac OS X, and SUSE Linux.
Operating System Virtualization A virtualized environment in which an entire operating system environment is simulated.
Operational Model of Security Protection = Prevention + Detection + Response
Operator In a distributed control system, the operator is a human who runs the computer-controlled resources through a human machine interface
Optical Carrier x A standard that specifies the bandwidth for fiber optic transmissions.
Optical Power Meter Device that measures light intensity of light pulses within or at the terminal ends of fiber-optic cables.
Optical Time-Domain Reflectometer A variation of TDR that transmits light-based signals of different wavelengths over fiber optic cabling to determine cabling issues.
Organizationally Unique Identifier The first three bytes of a MAC address that uniquely identify a network device manufacturer.
Original Equipment Manufacturer Purchases components from manufacturers and puts them together in systems under its own brand name
Oscilloscope A device that plots the amplitude of an analog signal as a function of time and displays analog signals as sine wave-shaped plots.
Out of Phase Refers to two waves that either start at an offset from each other or have different frequencies.
Packet A unit of data transmitted on a network.
Packet Capture Computer networking term for intercepting a data packet that is crossing or moving over a specific computer network
Packet Filter Another name for a firewall.
Packet Filtering Inspects each packet passing through the firewall and accepts or rejects it based on rules.
Packet Loss The number of packets that are lost or damaged during transmission.
Packet Sniffer A device or program that monitors network communications and captures data.
Packet Sniffing An attack on wireless networks where an attacker captures data and registers data flows in order to analyze what data is contained in a packet.
Packet Switching Network A network in which data is broken up into separate packets and each packet is separately routed, without a dedicated connection between the endpoints.
Pan-Tilt-Zoom Name given to a type of IP camera where the user can control the movement and position of the lens from a remote location using controls on an Internet browser or software application
Parallel Data Transmission A transmission technique in which multiple bits are transmitted across multiple transmission lines.
Parity Check A process used to detect errors in memory or data communication.
Partial Mesh A variation of mesh topology in which only a few nodes have direct links with all other nodes.
Partition Table A table on the hard drive that describes how the hard drive is organized.
Passenger Protocol The original data being carried
Passive Hub A hub that receives data transmitted from a device on one port and broadcasts it out to the devices connected on all other ports.
Passive IDS An IDS that detects potential security breaches, logs the activity, and alerts security personnel.
Passive Optical Network A point-to-multipoint optical network that is used for broadcast transmissions using optical systems.
Password Attack Any type of attack in which the attacker attempts to obtain and make use of passwords illegitimately.
Password Authentication Protocol A remote-access authentication method that sends client IDs and passwords as cleartext
Password Cracker Software tool used to recover passwords from hosts or to discover weak passwords.
Password-Based Key Derivation Function 2 Applies a pseudorandom function to the input password or passphrase along with a salt value and repeats the process many times to produce a derived key, which can then be used as a cryptographic key in subsequent operations
Patch A small unit of supplemental code meant to address either a security problem or a functionality flaw in a software package or operating system.
Patch Management The practice of monitoring for, evaluating, testing, and installing software patches and updates.
Pathping A TCP / IP command that provides information about latency and packet loss on a network.
Path-vector Routing A routing method in which the router keeps track of the route from itself to the destination; however, rather than recording every individual node, this can treat entire autonomous systems as nodes.
PBX parachute A disaster recovery service provided by virtual PBX that keeps the phone service running in case of power failure.
Peer A self-sufficient computer that acts as both a server and a client.
Peer to Peer Computer networks in which each computer can act as a server for the others, allowing shared access to files and peripherals without the need for a central server
Peer-to-peer Network A network in which resource sharing, processing, and communications control are completely decentralized.
Penetration Testing A method of evaluating the security of a system by simulating one or more attacks on that system.
Perfect Forward Secrecy Property of secure communication protocols in which compromise of long-term keys does not compromise past session keys
Performance Baseline A baseline that is established to create the "norm" of performance.
Performance Monitor A software tool that monitors the state of services, processes, and resources on a system.
Performance Monitors Hardware or software through which data is accumulated on the normal operations of the systems and networks.
Permanent DoS Attack Generally consists of an attacker exploiting security flaws in routers and other networking hardware by flashing the firmware of the device and replacing it with a modified image.
Permanent Virtual Circuit A virtual circuit associated with leased lines and connects two endpoints, which are always on.
Permission A security setting that determines the level of access a user or group account has to a particular resource.
Personal Area Network A network that connects two to three workstations with twisted pair cabling most often seen in small or home offices.
Personal Electronic Device Lightweight consumer electronic device that looks like a hand-held computer but instead performs specific tasks
Personal Firewall Applications that protect an individual computer from unwanted Internet traffic; they do so by way of a set of rules and policies.
Personal Identity Verification Common credentialing and standard background investigation process required by Homeland Security Presidential Directive 12 (HSPD-12).
Personal Software Firewall Software that runs as a program on a local system to protect it against attacks.
Personally Identifiable Information Information used to uniquely identify, contact, or locate a person.
Pharming An attack in which a request for a website, typically an e-commerce site, is redirected to a similar-looking, but fake, website.
Phase The fixed point where a wave's cycle begins in relationship to a fixed point.
Phishing A type of email-based social engineering attack, in which the attacker sends email from a spoofed source, such as a bank, to try to elicit private information from the victim.
Physical Bus Topology A physical topology in which network nodes are arranged in a linear format.
Physical layer The OSI layer provides the means for transmitting data bits over a physical medium.
Physical Mesh Topology A network topology in which each node has a direct, point-to-point connection to every other node.
Physical Network Diagram A pictorial representation of the location of all network devices and endpoints, it depicts their connections to one another.
Physical Ring Topology A network topology in which all network nodes are connected in a circle.
Physical Security The implementation and practice of various control mechanisms that are intended to restrict physical access to facilities.
Physical Star Topology A network topology that uses a central connectivity device with separate point-to-point connections to each node.
Physical Topology A topology that describes a network's physical layout and shape.
Physical Tree Topology A physical network topology in which a central, or root, node is hierarchically connected to one or more nodes, which in turn are connected to other nodes lower in the hierarchy.
Piggybacking When an unauthorized person tags along with an authorized person to gain entry to a restricted area.
ping A TCP/IP command used to verify the network connectivity of a computer, and also to check if the target system is active.
Ping Flood When an attacker attempts to send many ICMP echo request packets (pings) to a host in an attempt to use up all available bandwidth.
Ping Of Death An attack that uses IP packet fragmentation techniques to crash remote systems.
Plain Old Telephone Service The world's collection of interconnected voice-oriented public telephone networks, both commercial and government-owned (Also PSTN)
Plaintext Unencoded data. Also known as cleartext.
Platform as a Service A method that enables infrastructure and tools from the service provider so that the client does not need to manage them.
Plenum Refers to an air handling space, including ducts and other parts of the HVAC system in a building.
Plenum Cable A grade of cable that does not give off noxious or poisonous gases when burned.
Plesiochronous Digital Hierarchy A communications standard that can carry data over fibre optic or microwave radio systems.
Pluggable Authentication Modules Mechanism to integrate multiple low-level authentication schemes into a high-level application programming interface (API). It allows programs that rely on authentication to be written independently of the underlying authentication scheme
Point of Presence An access point to the internet, can be in the ISP, external to an ISP, or leased from a carrier or aggregator.
Pointer A DNS record that maps the IP address to a host name for reverse lookup functionality.
Point-to-point Connection A direct connection between two nodes on a network.
Point-to-Point Protocol A protocol that works on the Data Link layer of the TCP/IP protocol suite, used to send IP datagrams over serial point-to-point links. Can be used in synchronous and asynchronous connections and dynamically configure and test remote network connections
Point-to-Point Tunneling Protocol A Microsoft VPN layer 2 protocol that increases the security of PPP by providing tunneling and data encryption for PPP packets and uses the same authentication methods as PPP.
Poison Reverse An algorithm that prevents count-to-infinity loops by ensuring that a router broadcasts a route cost of 16 for all transmissions on its network.
Policy Rules or guidelines used to guide decisions and achieve outcomes. They can be written or configured on a computer.
Policy Statement An outline of the plan for the individual component on a network policy.
Polling A controlled media access method in which a central device contacts each node to check whether it has data to transmit.
Polymorphic Virus A virus that changes how it appears and encrypts its contents differently each time.
Polyvinyl Chloride A flexible rubber-like plastic used to surround some twisted pair cabling.
Pop-Up Blocker An application or add-on to a web browser that blocks pop-up windows that usually contain advertisements.
Port The endpoint of a logical connection that client computers use to connect to specific server programs.
Port Address Translation A subset of dynamic NAT functionality that maps either one or multiple unregistered addresses to a single registered address using multiple ports. Also known as overloading.
Port Filtering A technique of selectively enabling or disabling TCP and UDP ports on computers or network devices.
Port Mirroring The practice of duplicating all traffic on one port in a switch to a second port.
Port Scanner A type of software that searches a network host for open ports.
Port Scanning Attack An attack where an attacker scans your systems to see which ports are listening in an attempt to find a way to gain unauthorized access.
Post Office Protocol version 3 A protocol used from retrieving email from a mailbox on the mail server.
Power over Ethernet A standard that specifies a method for supplying electrical power over Ethernet connections.
Pre-Action Sprinkler System Similar to a dry pipe system, but there are requirements for it to be set off such as heat or smoke.
Premise Wiring The collection of drop cables, patch panels, and patch cables that together make a functional network.
Presentation layer The OSI layer that is responsible for translating data into a network compatible format.
Pre-Shared Key Shared secret which was previously shared between the two parties using some secure channel before it needs to be used
Pretexting When a person invents a scenario, or pretext, in the hope of persuading a victim to divulge information.
Pretty Good Privacy Uses keys and a secret passphrase to encrypt and decrypt e–mail.
Private Branch Exchange Telephone system within an enterprise that switches calls between enterprise users on local lines while allowing all users to share a certain number of external phone lines
Private IP Address Addresses used by organizations for nodes that need IP connectivity only within their enterprise network, but not external connections to the Internet.
Private Key In key-pair encryption, the key that is known only to an individual and is used to decode data.
Privilege Auditing Reviewing a subject's privileges over and object.
Privilege Bracketing The security method of allowing privileges to a user only when needed and revoking them as soon as the task is complete.
Privilege Escalation The act of exploiting a vulnerability in the software to gain access to resources that the user would normally be restricted from obtaining.
Privilege Management Process of assigning and revoking privileges to objects; it covers the procedures of managing object authorizations.
Procedure Instructions that detail specifically how to implement the policy on a network policy.
Programmable Read–Only Memory A chip with which the contents can be overwritten to provide new functionality.
Promiscuous Mode A mode of operation for network adapters that enables them to capture all packets sent across the network, regardless of the source or destination of the packets.
Protected Extensible Authentication Protocol Similar to EAP-TLS, this was proposed as an open standard by a coalition made up of Cisco Systems, Microsoft, and RSA Security.
Protocol Analyzer A type of diagnostic software that can examine and display data packets that are being transmitted over a network
Protocol Binding The assignment of a protocol to a NIC.
Proxy Auto Configuration Defines how web browsers and other user agents can automatically choose the appropriate proxy server (access method) for fetching a given URL
Proxy Server A system that isolates internal networks from the servers by downloading and storing files on behalf of clients.
Public Key In key-pair encryption, the key that is available to all and is used to encode data.
Public Key Cryptography Uses asymmetric keys alone or in addition to symmetric keys. The asymmetric key algorithm creates a secret private key and a published public key.
Public Key Infrastructure An encryption system that is composed of a CA, certificates, software, services, and other cryptographic components, for the purpose of verifying authenticity and enabling validation of data and entities.
Public Switched Telephone Network An international telephone system that carries analog voice data.
Punch Down Tool A tool used in a wiring closet to connect cable wires directly to a patch panel.
Qualitative Risk Assessment An assessment that assigns numeric values to the probability of a risk and the impact it can have on the system or network.
Quality of Service A set of parameters that controls the level of quality provided to different types of network traffic.
Quantitative Risk Assessment An assessment that measures risk by using exact monetary values.
Radiated Connection A wireless point-to-point or multipoint connection between devices.
Radio Frequency A frequency in which network or other communications that take place using radio waves in the 10 KHz to 1 GHz range.
Radio Frequency Interference Interference that can come from AM/FM transmissions and cell towers.
Radio Networking A form of wireless communications in which signals are sent via RF waves. Also called RF networking.
Rainbow Tables In password cracking, a set of precalculated encrypted passwords located in a lookup table.
Rapid Application Development Suite of software development methodology techniques used to expedite software application development
RC 4 RSA variable length stream cipher
RC 5 RSA variable length block–cipher
RC4 40 or 128 bit stream cipher The most widely used stream cipher, used in SSL and WEP. Simple and fast – but very easy to crack. By Ron Rivest or RSA security
Read Only Memory A chip that cannot be reprogrammed.
Real-time Transport Protocol Network protocol for delivering audio and video over IP networks
Recovery Agent Microsoft Windows user who has been granted the right to decrypt data that was encrypted by other users
Recovery Point Objectives In business impact analysis, the acceptable latency of data.
Recovery Time Objectives In business impact analysis, the acceptable amount of time to restore a function.
Recursive Query A query used by the DNS server for name resolution when a client requests that its preferred DNS server find data on other DNS servers.
Redistribution Point A network node that is used to transfer data.
Redundant Array of Independent Disks 1 Mirroring. Data is copied to two identical disks. If one disk fails, the other continues to operate.
Redundant Array of Independent Disks 5 Striping with Parity. Data is striped across multiple disks; fault tolerant parity data is also written to each disk.
Redundant Array of Inexpensive Disks A set of vendor-independent specifications for fault-tolerant configurations on multiple-disk systems.
Redundant ISP Secondary connections to another ISP; for example, a backup T-1 line.
Redundant Power Supply An enclosure that contains two complete power supplies, the second of which turns on when the first fails.
Refraction The phenomenon of light rays bending due to a change in speed when passing from one transparent medium to another.
Registration Authority An authority in a PKI that processes requests for digital certificates from users.
Remote Access A feature that allows an administrator to access client systems from any location on the network.
Remote Access Protocol A type of protocol that enables users to log on to a computer or network within an organization from an external location.
Remote Access Services A method where the user can dial in and authenticate with the same account he or she uses at the office.
Remote Authentication Dial-In User Service A protocol that enables a server to provide standardized, centralized authentication for remote users.
Remote desktop A connection mode that enables a user to access any network system from their workstation and perform tasks on the remote system.
Remote Desktop Protocol The protocol used by Microsoft's Terminal Services implementations.
Remote Framebuffer A protocol used in VNC for remote access and graphical user interfaces (Guys).
Remote Networking A type of network communication that enables users who are not at their physical locations to access network resources.
Remote Triggered Black Hole Filtering Technique that provides the ability to drop undesirable traffic before it enters a protected network
Removable Storage Devices, such as USB flash drives, that can store data from a computer and then be disconnected.
Repeater A device that regenerates a signal to improve transmission distances.
Replay Attack A type of network attack where an attacker captures network traffic and stores it for retransmission at a later time to gain unauthorized access to a network.
Resident Virus A virus that is loaded into random access memory and can interrupt almost any function executed by the computer operating system and alter it.
Residual Risk The risk that is left over after a security and disaster recovery plan have been implemented.
Return On Investment Used to compare a company's profitability or to compare the efficiency of different investments. Formula = (Net Profit / Cost of Investment) x 100.
Reverse Address Resolution Protocol A allows a node on a local area network to discover its IP address from a router's ARP table or cache.
Risk An information security concept that indicates exposure to the chance of damage or loss, and signifies the likelihood of a hazard or threat
Risk Acceptance The amount of risk an organization is willing to accept. Also known as risk retention.
Risk Assessment The attempt to determine the amount of threats or hazards that could possibly occur in a given amount of time to your computers and networks.
Risk Avoidance When an organization avoids risk because the risk factor is too great.
Risk Management The identification, assessment, and prioritization of risks, and the mitigating and monitoring of those risks.
Risk Mitigation When a risk is reduced or eliminated altogether.
Risk Reduction When an organization mitigates risk to an acceptable level.
Risk Transference The transfer or outsourcing of risk to a third party. Also known as risk sharing.
Rivest, Shamir and Adleman A public key cryptography algorithm created by Rivest, Shamir, Adleman. It is commonly used in e-commerce.
Rogue Access Point An unauthorized wireless access point on a corporate or private network, which allows unauthorized individuals to connect to the network.
Role–Based Access Control Access control based on subjects being assigned certain roles. Access control is managed at the role level instead of the subject level.
Rollup A collection of previously issued patches and hotfixes, usually meant to be applied to one component of a system, such as the web browser or a particular service.
Rootkit Software that is intended to take full or partial control of a system at the lowest levels.
Routable Protocol A network protocol which provides separate network and node addresses to work with routers.
Route Convergence The period of time between a network change and the router updates to reach a steady state once again.
Router A networking device that connects multiple networks that use the same protocol.
Router discovery protocols Protocols that are used to identify routers on the network.
Routing The process of selecting the best route for moving a packet from its source to destination on a network.
Routing Information Protocol A routing protocol that configures routers to periodically broadcast their routing tables. Routers using this broadcast their tables regardless of whether or not any changes have occurred on the network.
Routing Loop A routing process in which two routers discover different routes to the same location that include each other but never reach the endpoint.
Routing Table A database created manually or by a route-discovery protocol that contains network addresses as perceived by a specific router. A router uses this to forward packets to another network or router.
RSA Variable Key Size Encryption Algorithm A stream cipher, remarkable for its simplicity and speed in software, but multiple vulnerabilities have been discovered, rendering it insecure
RSS feeds Allow users to subscribe and receive updates made to a web page.
Security Association The negotiated relationship between two computers using IPSec. The result of the two-stage negotiation process. These stages are known as Phase 1 and Phase 2.
Sag An unexpected decrease in the amount of voltage provided.
Salting The randomization of the hashing process to defend against cryptanalysis password attacks and Rainbow Tables.
Sandbox A restrictive fence that surrounds a java program and keeps it awway from private data and other resources on a local computer.
Sarbanes–Oxley Act A US federal act that enforces reporting requirements and internal controls on electronic financial reporting systems.
Satellite Internet An Internet connection method that uses a satellite network.
Satellite Phone A telephone system that relies on the satellite network to provide services, instead of the infrastructure of the local telephone switch.
Satellite Television A method of relaying video and audio signals directly to the subscriber's television sets using geosynchronous satellites.
Scope In DHCP, the IP addresses that a DHCP server is configured with and can assign to clients.
Script Kiddie An unskilled user who downloads automated attack software to attack computers.
Scripting Language A computer programming language that is typically interpreted into a language the computer can understand without the need f a compiler.
Secure Code Review An in-depth code inspection procedure.
Secure Coding Concepts The best practices used during the life cycle of software development.
Secure Copy Protocol A protocol that uses SSH to securely copy files between a local and a remote host, or between two remote hosts.
Secure Hash Algorithm A group of hash functions designed by the NSA and published by the NIST, widely used in government
Secure Hypertext Transfer Protocol Obsolete alternative to the HTTPS protocol for encrypting web communications carried over HTTP
Secure Shell A program that enables a user or an application to log on to another computer over a network, run commands in a remote machine, and transfer files from one machine to the other.
Secure Socket Layer VPN A VPN format that works with a web browser-installing a separate client is not necessary.
Secure Socket Tunneling Protocol Uses the HTTP over SSL protocol and encapsulates an IP packet with an SSTP header.
Secure Sockets Layer A security protocol that uses certificates for authentication and encryption to protect web communication.
Secure/Multipurpose Internet Mail Extensions Built into most Web browsers. This method of sending e–mail uses RSA encryption.
Secured File Transfer Protocol Network protocol that provides file transfer and manipulation functionality over any reliable data stream
Security Assertions Markup Language XML-based, open-standard data format for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider.
Security Content Automation Protocol Method for using specific standards to enable the automated vulnerability management, measurement, and policy compliance evaluation of systems deployed in an organization
Security Incident A specific instance of a risk event occurring, whether or not it causes damage.
Security Information and Event Management software products and services combining security information management (SIM) and security event management (SEM)
Security Log Files Files that log activity of users. They show who did what and when, plus whether they succeeded or failed in their attempt.
Security Parameters Index The SPI helps the computer keep track of the computers it is communicating with.
Security Policy A formalized statement that defines how security will be implemented within a particular organization.
Security Posture The risk level to which a system, or other technology element, is exposed
Security Posture Assessments Assessments that use baseline reporting and other analyses to discover vulnerabilities and weaknesses in systems and networks.
Security Template A method to configure a suite of configuration baseline security settings.
Security Tokens Physical devices given to authorized users to help with authentication. These devices might be attached to a keychain or are part of a card system.
Segment A physical subdivision of a network that links a number of devices, or serves as a connection between two specific nodes.
Separation of Duties This is when more than one person is required to complete a particular task or operation.
Serial Cable A serial cable is a type of bounded network media that transfers information between two devices using serial transmission.
Serial Data Transmission A transmission technique in which the transmission of bits occurs as one per clock cycle, across a single transmission medium.
Server A network computer that shares resources with and responds to requests from computers, devices, and other servers on the network.
Server Message Block A protocol that works on the Application layer and is used to share files, serial ports, printers, and communications devices, including mail slots and named pipes, between computers.
Server Message Block Protocol Network file sharing protocol that allows applications on a computer to read and write to files and to request services from server programs in a computer network
Server Virtualization Creating and managing multiple server operating systems.
Service Level Agreement An agreement entered into by the transmitter, ISP and the receiver, subscriber.
Service Locator (Service Locator) A DNS record that specifies a generic service location record for newer protocols.
Service Pack A collection of system updates that can include functionality enhancements, new features, and typically all patches, updates, and hotfixes issued up to the point of the release of the service pack.
Service Set Identifier A 32-bit alphanumeric string that identifies a WAP and all devices attached to it.
Session Hijacking Attack An attack where the attacker exploits a legitimate session to obtain unauthorized access to an organization's network or services.
Session Layer The OSI layer that is responsible for establishing a connection between network devices, maintaining the connection, and then terminating or reestablishing it when required.
Session Ticket Authentication Credential from KDC allows client access to resource server
SHA 1 Hash Size 160 bits
Shared-key Encryption An encryption system in which a single key is shared between parties in a communication and used to both encode and decode the message.
Shielded Twisted Pair Special kind of copper telephone wiring used in some business installations. An outer covering or shield is added to the ordinary twisted pair telephone wires; the shield functions as a ground
Shielding A method of placing grounded conductive material around the media to prevent the introduction of noise into the media.
Short Message Service Text messaging service component of most telephone, World Wide Web, and mobile telephony systems. It uses standardized communication protocols to enable mobile phone devices to exchange short text messages.
Shoulder Surfing When a person uses direct observation to find out a target’s password, PIN, or other such authentication information.
Signal The electromagnetic pulses that ace transmitted across a network medium.
Signal Bounce A condition in which the signals endlessly move from one end of a cable to the other end.
Signature Files Antivirus update files; also known as definition files.
Signature–Based Defense A method that identifies malware on a computer by matching it to an antivirus signature file.
Signature-Based Monitoring Frames and packets of network traffic are analyzed for predetermined attack patterns. These attack patterns are known as signatures.
Signed Java Applet A java applet from a trusted source
Simple Certificate Enrollment Protocol Protocol is used by numerous manufacturers of network equipment and software who are developing simplified means of handling certificates for large-scale implementation to everyday users
Simple Mail Transfer Protocol A communications protocol that enables sending email from a client to a server or between servers.
Simple Network Management Protocol An Application-layer protocol used to exchange information between network devices.
Simple Object Access Protocol Messaging protocol that allows programs that run on disparate operating systems (such as Windows and Linux) to communicate using Hypertext Transfer Protocol (HTTP) and its Extensible Markup Language (XML)
Simplex A one-way mode of communication, such as radio and television broadcasts
Sine Wave A smoothly oscillating curve that is the result of calculating the sine of the angles between zero and 360 and plotting the results.
Single Loss Expectancy Monetary value expected from the occurrence of a risk on an asset. It is related to risk management and risk assessment
Single mode Fiber A type of fiber optic cable that carries a single optical signal.
Single Point of Failure An element, object, or part of a system that, if it fails, will cause the whole system to fail.
Single Sign-On A session/user authentication process that permits a user to enter one name and password in order to access multiple applications.
Sliding Window A type of data window in which block sizes are variable. Window size is continually reevaluated during transmission, with the sender always attempting to send the largest window it can to speed throughput.
Small Computer System Interface An older personal computer connection standard that provides high-performance data transfer between the SCSI device and the other components of the computer
Small Form Factor Pluggable A transceiver used to interconvert electrical signals to optical signals.
Small office/home office A small network that can comprise up to 10 nodes.
Smart Card A plastic card containing an embedded computer chip that can store different types of electronic information.
Smart Jack A device that serves as the demarcation point between the end user's inside wiring and local access carriers' facilities.
SMTP Open Relay An uncontrolled smtp relay
SMTP Relay Forwarding e–mail sent from an email client to a remote domain through an smtp server.
Smurf Attack A non–OS–specific attack that uses a third party's network segment to overwhelm a host with a flood of Internet Control Message Protocol (ICMP) packets.
Snap–In A software modue that provides administrative capabilities for a device.
Sniffing Listening–in on all of the traffic on the network. Watch for key strings before beginning a capture; most also have the capability of translating the machine language of the network into human–readable form, and interpret it
Sniffing Attack A network attack that uses special monitoring software to gain access to private communications on the network wire or across a wireless network. Also known as an eavesdropping attack.
SNMP Agent Software deployed by the network management system that is loaded on managed devices. The software redirects the information that the NMS needs to monitor the remote managed devices.
snoop Solaris built in sniffer
Social Engineering Con–artistry. An indirect attack on a system that relies on the inherent trusting nature, or gullibility of human beings.
Social Engineering Attack A type of attack where the goal is to obtain sensitive data, including user names and passwords, from network users through deception and trickery.
Socket Software in an operating system that connects an application with a network protocol.
Software as a Service A cloud computing service where users access applications over the Internet that are provided by a third party.
Software Attack Any attack that targets software resources including operating systems, applications, protocols, and files.
Software Development Life Cycle Methodology Term used in systems engineering, information systems and software engineering to describe a process for planning, creating, testing, and deploying an information system
Solid State Drive All-electronic storage device that is an alternative to a hard disk
Spam An email-based threat that floods the user's inbox with emails that typically carry unsolicited advertising material for products or other spurious content, and which sometimes delivers viruses.
Spam over Internet Messaging Unsolicited bulk messages broadcast over VoIP (Voice over Internet Protocol) to phones connected to the Internet
Spanning-Tree Protocol A Layer 2 protocol that is used for routing and prevents network loops by adopting a dynamic routing method.
Spear Phishing A type of phishing attack that targets particular individuals.
Special Hazard Protection System A clean agent sprinkler system such as FM-200 used in server rooms.
Spike A short transient in voltage that can be due to a short circuit, tripped circuit breaker, power outage, or lightning strike.
Split Horizon An algorithm that prevents count-to-infinity loops by configuring a router from broadcasting internal network information.
Spoofing A human- or software-based attack where the goal is to pretend to be someone else for the purpose of identity concealment.
Spread Spectrum A form of radio transmission in which the signal is sent over more than one frequency to discourage eavesdropping.
Spy A person who has been hired to break into a computer and steal information.
Spyware Surreptitiously installed malicious software that is intended to track and report on the usage of a target system, or collect other data the author wishes to obtain.
SQL Injection An injection attack that uses structered query language
Standard A measure of adherence to the network policy.
Standby Generator Systems that turn on automatically within seconds of a power outage.
Start of Authority A DNS record that specifies authoritative information about a DNS zone.
Stateful Firewall A firewall that monitors communication paths and data flow on the network.
Stateful Packet Inspection Type of packet inspection that keeps track of network connections by examining the header in each packet
Stateless Firewall A firewall that manages and maintains the connection state of a session using the filter and ensures that only authorized packets are permitted in sequence.
Static Network Address Translation When a single private IP address translates to a single public IP address. This is also called one-to-one mapping.
Static Routing An type of routing used by a network administrator to manually specify the mappings in the routing table.
Station A device that contains an IEEE 802.11 conformant MAC interface to a wireless medium with an Ethernet-like driver interface.
Steganography he science (and art) of writing hidden messages; it is a form of security through obscurity.
Storage And Retention Policies Policies that outline the requirements for data storage.
Storage Area Network A specialized high–speed network for attaching servers to storage devices
Store and Forward A data transmission method used to send data to a server or router where the data is stored until the next hop becomes available.
Straight Tip A connector used to connect multimode fiber.
Stream Cipher A symmetric key cipher where plaintext bits are combined with a pseudo–random cipher bit stream. Typically very fast, with little system impact – but it is highly suscpetable to cracking, because of the pseudo–random key
Strong Password A password that meets the complexity requirements that are set by a system administrator and documented in a password policy.
Structured Exception Handler mechanism for handling both hardware and software exceptions.
Structured Query Language Standard computer language for relational database management and data manipulation
Stub Autonomous Systems An autonomous system in which the source or the destination node must exist within the system.
Sub Multi Assembly or Sub Miniature type A A connector with a threaded ferrule on the outside to itself where water or other environmental factors necessitate a waterproof connection.
Subnet A logical subset of a larger network, created by an administrator to improve network performance or to provide security.
Subnet Mask A 32-bit number assigned to each host for dividing the 32-bit binary IP address into network and node portions.
Subnetting The process of logically dividing a network into smaller sub networks or subnets.
Subscriber Connector or Standard Connector A connector used in a duplex configuration where two fibers are terminated into two SC connectors that are molded together.
Subscriber Identity Module Integrated circuit that is intended to securely store the international mobile subscriber identity (IMSI) number and its related key, which are used to identify and authenticate subscribers on mobile telephony devices
Supplicant The user or client that wants to be authenticated
Surge Means that there is an unexpected increase in the amount of voltage provided.
Swarm Downloading parts of a bittorrent file simultaneously from multiple users.
Switch A network device that acts as a common connecting point for various nodes or segments.
Switched Ethernet A LAN technology that connects computers using switches, enabling the devices on each switched connection to utilize the full bandwidth of the medium.
Switched Virtual Circuit A virtual circuit associated with dial-up and demand-dial connections and provide more flexibility than PVCs, allowing a single connection to an endpoint to connect to multiple endpoints as needed.
Switching A technique used to transmit information over a network to the destination network device.
Symmetric Key Algorithm A class of cipher that uses identical or closely related keys for encryption and decryption.
SYN Flood / SYN Attack DOS attack exploiting the TCP 3–way handshake. A multitude of SYN requests are sent to the target. The target responds with a SYN/ACK and waits for a default period for an ACK. The attacker will never reply
Synchronous Communications A communication method in which a byte is sent in a standardized time interval, enabling the receiver to use the predetermined time interval as the means to distinguish between bytes in the data stream.
Synchronous Digital Hierarchy Another optical communications standard that is based upon SONET and implemented widely outside the U.S.
Synchronous Optical Network A standard for synchronous data transmission on optical media.
System and Network Integrated Polling Software System and network monitoring software that runs on UNIX systems and offers both a command-line and web interface to monitor network and system devices.
System Control and Data Acquisition Control system architecture that uses computers for high-level process supervisory management, but uses other peripheral devices such as programmable logic controllers and discrete PID controllers to interface to the process plant or machinery.
System Events Operational actions that are performed by the operating system.
System Integrity Verifier An IDS that notifies when essential files have changed
System Monitoring A low–level systme program that uses a notification engine designed to monitor and track down hidden activity on a desktop system, server, pda or cell phone.
Systems Development Life Cycle The process of creating systems and applications, and the methodologies used to do so.
Tagged Image File Format A digital format used to handle images used in publishing and photography.
Tailgating A type of piggybacking where an unauthorized person follows an authorized person into a secure area, without the authorized person’s consent.
T-carrier system A digital and packet switched system that makes communication more scalable than the analog, circuit-switched systems.
TCP 3–way Handshake SYN –> <– SYN/ACK ACK/SYN –> Establishes a "Session" between two computers over a network.
TCP Reset Attack Sets the reset flag in a TCP header to 1, telling the respective computer to kill the TCP session immediately.
TCP/IP Hijacking When a hacker takes over a TCP session between two computers without the need of a cookie or any other type of host access.
TCP/IP model A four-layer data communication model developed by the United States Department of Defense. To some extent, it is similar to the OSI model.
tcpdump Unix built in sniffer
Teardrop Attack A type of DoS that sends mangled IP fragments with overlapping and oversized payloads to the target machine.
Telecommunications Industry Association Along with EIA, developed the 568Commercial Building Telecommunication Cabling standard.
Telnet A terminal emulation protocol that allows users at one site to simulate a session on a remote host.
TEMPEST Refers to the investigations of conducted emissions from electrical and mechanical devices, which could be compromising to an organization.
Temporal Key Integrity Protocol A security protocol created by the IEEE 802.11i task group to replace WEP.
Terminal An end user's device on a host-based network, dedicated to transmitting data to a host for processing and displaying the result to the user.
Terminal Access Controller Access Control System Provides centralized authentication and authorization services for remote users.
Terminal Access Controller Access Control System Plus A Cisco proprietary product that supports multifactor authentication and is considered more secure and scalable than RADIUS.
Terminal Adapters In ISDN, the hardware interface between a computer and an ISDN line.
Terminal Emulator Software that enables a standard client computer to appear to a host computer as a dedicated terminal.
Terminal Equipment ISDN communications equipment that stations use to accomplish tasks at both ends of a communications link.
Termination Adding a resistor to the ends of a coax network segment to prevent reflections that would interfere with the proper reception of signals.
Terminator A network component attached to the ends of a network cable that can impede or absorb signals so they cannot reflect onto the cable
ThickNet Refers to Ethernet networking over RG8cabling.
ThinNet Refers to Ethernet networking over RG58/U or RG58A/U cabling.
Third–Party Cookie A cookie that is used by a web site other than the site that created it.
Threat Any potential violation of security policies or procedures.
Threat Agent A person or thing that has the power to carry out a threat.
Threshold When monitoring network performance, the value that signals that an object or component is functioning outside acceptable performance limits.
Ticket Authentication Server One of the components of Kerberos. Issues a TGT (Ticket Granting Ticket), which the client can use in future communications with Kerberos to prove pre–authentication and obtain
Ticket Granting Ticket Cached Authentication Credential from TGS allows client to request Session Ticket
Tickets Part of the authentication process used by Kerberos.
Time Bomb Trojans set off on a certain date.
Time To Live A value for the ping command that determines how many hops an IP packet can travel before being discarded.
Time-based One-Time Password Temporary passcode, generated by an algorithm, for use in authenticating access to computer systems. The algorithm that generates each password uses the current time of day as one of its factors, ensuring that each password is unique
Time-Division Multiplexing A multiplexing method in which the communication channel is divided into discrete time slots that are assigned to each node on a network.
Time-Domain Reflectometer A measuring tool that transmits an electrical pulse on a cable and measures the way the signal reflects back on the TDR to determine network issues.
Time-of-Day Restriction When a user’s logon hours are configured to restrict access to the network during certain times of the day and week.
Token A physical or virtual object that stores authentication information.
Token ring A type of technology used on ring networks in which computers pass a special sequence of bits called a token between them.
Tone Generator An electronic device that sends an electrical signal through one set of UTP cables.
Tone Locator An electronic device that emits an audible tone when it detects a signal in a set of wires.
Top A CPU usage monitoring tool that provides a static snapshot, or a realtime display of the processes currently running on a CPU.
Topology A network specification that determines the network's overall layout, signaling, and data-flow patterns.
Torrents Active internet connections that download a specific file through a bittorrent.
Towers of Hanoi A backup rotation scheme based on the mathematics of the Towers of Hanoi puzzle. Uses three backup sets. For example, the first tape is used every second day, the second tape is used every fourth day, and the third tape is used every eighth day.
tracert A command that determines the route data takes to get to a particular destination.
Tracker A server program operated by the person or organization who wants to share a bittorrent file.
Traffic filtering A method that allows only legitimate traffic through to the network.
Traffic Shaping A QoS mechanism that introduces some amount of delay in traffic that exceeds an administratively defined rate.
Transaction Signature Computer networking protocol used primarily by the Domain Name System (DNS) to provide a means of authenticating updates to a DNS database
Transaction Tracking System Software that monitors a transaction through to completion.
Transceiver A device that has a transmitter and a receiver integrated into it to send and receive data.
Transit Autonomous Systems An autonomous system in which the source or the destination node does not reside within the system.
Transmission Control Protocol A connection-oriented, guaranteed-delivery protocol used to send data packets between computers over a network like the Internet.
Transmission Control Protocol/Internet Protocol A network protocol suite that is routable and allows computers to communicate across all types of networks.
Transport Layer The OSI layer that accepts data from the upper layers, and breaks it up into smaller units known as segments, passes them on to the lower layers, and ensures that all segments arrive correctly at the other end.
Transport Layer Security A security protocol that uses certificates and public key cryptography for mutual authentication and data encryption over a TCP/IP connection.
Transport Mode IPSec Mode where only the data(payload) is encrypted
Trap Door Code segments that were deliberatedly coded into the security or OS, to be used by the coder at a future date. Modern hyjacking methods sometimes allow intruders to "patch" a trapdoor, then return later to exploit it.
Triple DES A more-secure variant of DES that repeatedly encodes the message using three separate DES keys.
Trivial File Transfer Protocol A simple version of FTP that uses UDP as the transport protocol, and does not require a logon to the remote host.
Trojan Malicious software that masquerades as useful software. Rely on the end–user to run them.
Trojan horse An insidious type of malware that is itself a software attack and can pave the way for a number of other types of attacks.
Trojan Horses A program advertised as performing one activity but actually doing something else, or performing both the advertised and malicious activities.
Troubleshooting The recognition, diagnosis, and resolution of problems on a network.
Troubleshooting Model A standardized step-by-step approach to the troubleshooting process.
Trunking Combining multiple network connections to increase bandwidth and reliability.
Trusted Computer System Evaluation Criteria A DoD standard that sets basic requirements for assessing the effectiveness of computer security access policies. Also known as The Orange Book.
Trusted Platform Module International standard for a secure cryptoprocessor, which is a dedicated microcontroller designed to secure hardware by integrating cryptographic keys into devices
Tunnel A logical path through the network that appears like a point-to-point connection.
Tunnel Mode IPSec Mode where data and IP headers are encrypted
Tunneling A data transport technique in which a data packet is transferred inside the frame or packet of another protocol, enabling the infrastructure of one network to be used to travel to another network.
Twisted Pair A type of cable in which two conductors or pairs of copper wires are twisted around each other and clad in a color-coded, protective insulating plastic sheath or jacket to form a pair.
UDP Flood Attack A similar attack to the Fraggle. It uses the connectionless User Datagram Protocol. It is enticing to attackers because it does not require a synchronization process.
Unauthorized Access Any type of network or data access that is not explicitly approved by an organization.
Unbounded Media A networking medium that does not use a physical connection between devices and can transmit electromagnetic signals through the air using radio waves, microwaves, or infrared radiation.
Unicast Transmission A method for data transfer from a source address to a destination address.
Unified Extensible Firmware Interface Specification that defines a software interface between an operating system and platform firmware
Unified Threat Management Term to describe a category of security appliances which integrates a range of security features into a single appliance. Combine firewall, gateway anti-virus, and intrusion detection and prevention capabilities into a single platform
Uniform Resource Identifier String of characters used to identify a resource. Such identification enables interaction with representations of the resource over a network, typically the World Wide Web, using specific protocols
Uninterruptible Power Supply A device that provides backup power when the electrical power fails or drops to an unacceptable voltage level.
Universal Serial Bus A hardware interface standard designed to provide connections for numerous peripherals.
Unshielded Twisted Pair A type of twisted pair cabling that does not include shielding around its conductors.
USA Patriot Act A US federal act that broadens the surveillance of law enforcement agencies to enhance the detection and suppression of terrorism.
Usage Auditing The process of examining whihc subjects are accessing specific objects and how frequently.
USB Connection A personal computer connection that enables you to connect multiple peripherals to a single port with high performance and minimal device configuration.
User Acceptance Testing Last phase of the software testing process where actual software users test the software to make sure it can handle required tasks in real-world scenarios, according to specifications
User Account Control A security component of Windows Vista that keeps every user (besides the actual Administrator account) in standard user mode instead of as an administrator with full administrative rights—even if they are a member of the administrators group.
User Datagram Protocol A connectionless Transport-layer protocol that is one of the protocols in the Internet protocol suite, and is used with IP. It is also known as the Universal Datagram Protocol.
User-to-Network Interface A user device, it is an ATM border device that connects one ATM network to another or a LAN.
Vampire Tap A clamshell-like device that clamps over an RG8 cable, making contact with its conductors, and permitting a networking device to connect to the ThickNet segment.
Variable Length Subnet Mask A classless subnet mask that can be customized to a different length for each subnet based on the number of nodes on that subnet.
Vertical Cross-Connect Refers to cables that run vertically between floors in a building, or vertically between equipment in an equipment rack.
Very Small Aperture Terminal A small telecommunication Earth station that consists of a small antenna that transmits and receives signals from satellites.
Video Teleconferencing Telecommunication in the form of a videoconference.
Virtual Circuit Switching A switching technique that connects endpoints logically through a provider's network.
Virtual LAN A LAN in which network components can be connected even if they are not on the same LAN segment.
Virtual Local Area Network Hopping The act of gaining access to traffic on other VLANs that would not normally be accessible by jumping from one VLAN to another.
Virtual Machine A self–contained software environment.
Virtual Network Computing A platform-independent desktop sharing system.
Virtual PBX A private communications service provider that provides a low-cost PBX service.
Virtual Private Network A private network that is configured within a public network such as the Internet
Virtual Server A remote software tool that can run its own operating systems or applications, similar to a physical server.
Virtual Switch A software-based switch that provides functionality similar to physical switches, and is used for connecting virtual systems to form a network.
Virtualization A means of managing and presenting computer resources by function without regard to their physical layout or location.
Virtualization Desktop Infrastructure Virtualization technology that hosts a desktop operating system on a centralized server in a data center.
Virus A sample of code that spreads from one computer to another by attaching itself to other files.
Vishing Voice phishing, a human-based attack where the attacker extracts information while speaking over the phone or leveraging IP-based voice messaging services such as VoIP.
VLAN switch A configurable managed switch used on VLANs that creates a logical network structure, even when computers are on different physical segments.
VLAN Trunking Protocol A VLAN management protocol developed by Cisco.
Voice Over Data Systems Communications systems that replace traditional telephone links by transmitting analog voice communications over digital WAN networking technologies.
Voice over IP A voice over data implementation in which voice signals are transmitted over IP networks.
Voltage Event Recorder Another tool to use in conjunction with or in addition to using a voltmeter to test and verify that the electrical signals transmitting through the network cables are within the required specifications.
Voltmeter An electrical instrument that measures voltage and resistance between two points in a circuit.
Voluntary Tunnels VPN tunnels that are created between client endpoints at the request of the client
VPN concentrator A single device that incorporates advanced encryption and authentication methods in order to handle a large number of VPN tunnels.
VPN protocols Protocols that provide VPN functionality.
Vulnerability Any condition that leaves a system open to attack.
Vulnerability Assessment Baselining of the network to assess the current security state of computers, servers, network devices, and the entire network in general.
Vulnerability Management The practice of finding and mitigating software vulnerabilities in computers and networks.
Vulnerability Scanning The act of scanning for weaknesses and susceptibilities in the network and on individual systems.
War Chalking Using symbols to mark off a sidewalk or wall to indicate that there is an open wireless network which may be offering Internet access.
War Driving The act of searching for instances of wireless LAN networks while in motion, using wireless tracking devices like PDAs, mobile phones, or laptops.
Wardialing The act of scanning telephone numbers by dialing them one at a time and adding them to a list, in an attempt to gain access to computer networks.
Wardriving The act of searching for wireless networks by a person in a vehicle through the use of a device with a wireless antenna, often a particularly strong antenna.
Warm Site A business site that performs noncritical functions under normal conditions, but which can be rapidly converted to a key operations site if needed .
Waveform Represents the shape of an analog signal.
Web of Trust A decentralized model used for sharing certificates without the need for a centralized CA.
Web-Application Firewall Application firewall for HTTP applications that applies a set of rules to an HTTP conversation
WEP High Security Key Size 128 bits
WEP Low Security Key Size nominally 64 bits
Wet Pipe Sprinkler System Consists of a pressurized water supply system that can deliver a high quantity of water to an entire building via a piping distribution system.
Whaling An email- or web-based form of phishing which targets particularly wealthy individuals. Also known as spear phishing.
White Hat A hacker who exposes security flaws in applications and operating systems so manufacturers can fix them before they become widespread problems.
Wide Area Network A network that spans multiple geographic locations, connecting multiple LANs using long-range transmission media.
Wi-Fi Protected Access A security protocol introduced to address some of the shortcomings in WEP, WEP, WPA2, and WiFi.
Wi-Fi Protected Access v2 Provides WPA with Advanced Encryption Standard (AES) cipher-based CCMP encryption for even greater security and to replace TKIP.
WiFi Protected Setup Network security standard to create a secure wireless home network
Windows Internet Naming Service An older type of naming service used on Windows-based networks.
Windows security policies Configuration settings within Windows operating systems that control the overall security behavior of the system.
Wire Crimper A tool that attaches media connectors to the ends of cables.
Wired Equivalent Privacy A protocol that provides 64-bit, 128-bit, and 256-bit encryption using the Rivest Cipher 4 (RC4) algorithm for wireless communication that uses the 802.11 and 802.11 b protocols.
Wireless Access Point A device that provides a connection between wireless devices and can connect to wired networks.
Wireless Antenna A device that converts high frequency signals on a cable into wireless electromagnetic waves and vice versa.
Wireless Communication A type of communication in which signals are transmitted over a distance without the use of a physical medium.
Wireless Intrusion Detection System Network device that monitors the radio spectrum for the presence of unauthorized access points
Wireless Intrusion Prevention System Network device that automatically take countermeasures to unauthorized access points
Wireless Local Area Network A self-contained network of two or more computers connected using a wireless connection.
Wireless Personal Area Network A network that connects devices in very close proximity but not through a wireless access point.
Wireless Security Any method of securing your WLAN network to prevent unauthorized network access and network data theft while ensuring that authorized users can connect to the network.
Wireless Tester A Wi-Fi spectrum analyzer used to detect devices and points of interference, as well as analyze and troubleshoot network issues on a WLAN.
Wireless TLS Security level for Wireless Application Protocol (WAP) applications
Wireless Wide Area Network Uses the wireless network technology to allow users to check email, surf the web, and connect to corporate resources accessible within the cellular network boundaries.
wireshark Free network sniffer (formerly ethereal, just renamed because or a copyright suite). Very similar to Unix TCPDUMP
Wiretapping Tapping into a network cable in an attempt to eavesdrop on a conversation or steal data.
Wiring Schematic A combination of a floor plan and a physical network topology. Similar to physical network diagrams, you can see the nodes on the network and how they are physically connected.
Word Splitting Spam that horizontally separates words so that they can still be read by the human eye.
Worldwide Interoperability for Microwave Access A packet-based wireless technology that provides wireless broadband access over long distances.
Worm A piece of code that spreads from one computer to another on its own, not by attaching itself to another file.
X Window system Uses the X protocol that leverages a client-server relationship to provide graphical user interface and input device management functionality to applications.
X.25 A legacy packet switching network technology developed in the 1970s to move data across less than reliable public carriers.
X.509 A common PKI standard developed by the ITU-T that incorporates the single sign-on authentication method.
Zero Configuration Networking A set of standards used for automatically configuring and allocating IP address on Ethernet as well as wireless networks.
Zero Day A vulnerability that is not known to the security public and therefore no protections, patches, or detection signatures exist for it
Zero Day Attack An attack that occurs when an attacker discovers and exploits a previously unknown flaw, providing "zero days" of warning.
Zombie Unauthorized software introduced on multiple computers to manipulate the computers into mounting a DDoS attack. Also called a drone.
Zone A file that physically divides the DNS database and contains the actual IP-to-host name mappings for one or more domains.
Created by: ccman1